Secret CIA Data Collection Program

Schneier on Security

Two US Senators claim that the CIA has been running an unregulated — and almost certainly illegal — mass surveillance program on Americans. The senator’s statement. Some declassified information from the CIA. No real details yet

Avast Announces Termination of Data Collection Subsidiary

Adam Levin

Avast will phase out Jumpshot, a subsidiary that sells user browsing data gleaned from its antivirus and security products. . “I The article resulted in a torrent of negative publicity for the company, especially for its promise to deliver data on “every search.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Passport scam foxing Texas populace with data collection

CyberSecurity Insiders

Moreover, they are seen collecting card details to help the victims get the money transferred into the account of HSI Department of Texas quickly. The post Passport scam foxing Texas populace with data collection appeared first on Cybersecurity Insiders.

John Oliver on Data Brokers

Schneier on Security

John Oliver has an excellent segment on data brokers and surveillance capitalism. Uncategorized data collection national security policy privacy video

Facebook Launches 'Privacy Center' to Educate Users on Data Collection and Privacy Options

The Hacker News

Meta Platforms, the company formerly known as Facebook, on Friday announced the launch of a centralized Privacy Center that aims to "educate people" about its approach with regards to how it collects and processes personal information across its family of social media apps.

TikTok Sued Over Data Collection of Minors | Avast

Security Boulevard

Former children’s commissioner of England Anne Longfield is suing TikTok on behalf of millions of children in the UK over data collection that Longfield maintains is without sufficient warning and transparency.

Google, Apple fined by Italian authority for aggressive data collection

Bleeping Computer

Italy's competition authority (Autorita Garante della Concorrenza e del Mercato) has announced a fine of 10 million Euros ($11.3 million) against Google and Apple. [.]. Legal Technology Apple Google

Colorado Passes Consumer Privacy Law

Schneier on Security

Uncategorized data collection data protection privacyFirst California. Then Virginia. Now Colorado. Here’s a good comparison of the three states’ laws.

ByteDance agreed to pay $92M in US privacy Settlement for TikTok data collection

Security Affairs

users for illegal data collection. The Chinese firm was accused to have failed to get the users’ consent to collect data in compliance with the Illinois biometric privacy law. ByteDance, the company behind TikTok, agreed to pay $92 million in a settlement to U.S.

Biometric Data Collection Demands Scrutiny of Privacy Law

Dark Reading

An IT lawyer digs into the implications of collecting biometric data, why it can't be anonymized, and what nations are doing about it

Introducing continuous remote worker visibility and expanded data collection with Secure Network Analytics Release 7.3.2

Cisco Retail

Are employees exfiltrating sensitive proprietary data? by introducing endpoint Network Visibility Module (NVM) data as a primary telemetry source to provide organizations with continuity in remote worker monitoring and visibility without requiring NetFlow telemetry to be present.

ProtonMail Now Keeps IP Logs

Schneier on Security

” Uncategorized anonymity courts data collection data protection e-mail privacyAfter being compelled by a Swiss court to monitor IP logs for a particular user, ProtonMail no longer claims that “we do not keep any IP logs.”

Introducing continuous remote worker visibility and expanded data collection with Secure Network Analytics Release 7.3.2

Cisco Retail

Are employees exfiltrating sensitive proprietary data? by introducing endpoint Network Visibility Module (NVM) data as a primary telemetry source to provide organizations with continuity in remote worker monitoring and visibility without requiring NetFlow telemetry to be present.

The Power of Data Analysis in Threat Intelligence – Part 1: Data Collection and Data Mining

Digital Shadows

In 2020, there was an estimated 59 trillion gigabytes of data in the world. The post The Power of Data Analysis in Threat Intelligence – Part 1: Data Collection and Data Mining first appeared on Digital Shadows. Threat Intelligence Data Analysis

OSINT Data Collection: You Still Need Humans, but Automation is Well Worth the Investment

Security Boulevard

OSINT data collection automation ensures that teams are gathering the most relevant data as quickly and efficiently as possible, while keeping investigations – and investigators – secure.

Commercial Location Data Used to Out Priest

Schneier on Security

A Catholic priest was outed through commercially available surveillance data. There is a whole industry devoted to re-identifying anonymized data. Uncategorized cell phones data collection data mining de-anonymization geolocation privacy surveillance

China’s Olympics App Is Horribly Insecure

Schneier on Security

MY2022 is fairly straightforward about the types of data it collects from users in its public-facing documents. However, as the app collects a range of highly sensitive medical information, it is unclear with whom or which organization(s) it shares this information.

Interview with the Head of the NSA’s Research Directorate

Schneier on Security

There’s a lot of talk about quantum computing, monitoring 5G networks, and the problems of big data: The math department, often in conjunction with the computer science department, helps tackle one of NSA’s most interesting problems: big data.

Microsoft Products Under EU Investigation About Data Collection

Dark Reading

A new inquiry aims to determine whether contracts between Microsoft and EU organizations violate GDPR

Are Fake COVID Testing Sites Harvesting Data?

Schneier on Security

Speculation centered around data harvesting, but that didn’t make sense because it was far too labor intensive for that and — sorry to break it to you — your data isn’t worth all that much. Uncategorized COVID-19 data collection fraud healthcare

ThreatList: Google’s Advertising Network Dominates Global Data Collection

Threatpost

With DoubleClick, Analytics and AdWords under its belt, Google continues dominating when it comes to global data collection for advertising, a new report found. Most Recent ThreatLists Privacy Adsense Advertising advertising network AdWords Analytics aol advertising data collection DoubleClick google moat tracking

Changes in WhatsApp’s Privacy Policy

Schneier on Security

In 2016, WhatsApp gave users a one-time ability to opt out of having account data turned over to Facebook. Some of the data that WhatsApp collects includes: User phone numbers. Diagnostic data collected from app logs.

De-anonymization Story

Schneier on Security

The data that resulted in Burrill’s ouster was reportedly obtained through legal means. Carriers were caught in 2018 selling real-time location data to brokers , drawing the ire of Congress. Location data is not anonymous.

89% of Android Users Didn't Consent to Facebook Data Collection

Dark Reading

A new survey shows most Android users did not give Facebook permission to collect their call and text data

Poland and Lithuania fear that data collected via FaceApp could be misused

Security Affairs

Many security experts are warning of the risks of using the popular app, threat actors could be potentially interested in data collected by FaceApp. Poland’s digital affairs ministry is investigating into the app and it is evaluating the security risks posed by FaceApp to the personal data of its users. FaceApp CEO Yaroslav Goncharov attempted to reassure privacy advocates by explaining that Russian authorities did not have access to any user data.

The Dark Sides of Modern Cars: Hacking and Data Collection

Threatpost

How features such as infotainment and driver-assist can give others a leg up on car owners. Privacy Vulnerabilities Web Security Audi BMW Charlie Miller Chris Valasek driverless vehicles electronic control units smart cars Society of Automotive Engineers

On Executive Order 12333

Schneier on Security

Although electronic surveillance programs authorized by EO 12333 generally target foreign intelligence from foreign targets, its permissive targeting standards allow for the substantial collection of Americans’ communications containing little to no foreign intelligence value.

The US Military Buys Commercial Location Data

Schneier on Security

Vice has a long article about how the US military buys commercial location data worldwide. military is buying the granular movement data of people around the world, harvested from innocuous-seeming apps, Motherboard has learned.

China’s Olympics App Is Horribly Insecure

Security Boulevard

Endpoint Security Bloggers Network cell phones china Data Collection encryption Privacy sports surveillance UncategorizedChina is mandating that athletes download and use a health and travel app when they attend the Winter Olympics next month.

Windows 10 snooping: Microsoft gets more time to tackle 'excessive' data collection

Tech Republic Security

Microsoft has been granted more time to change how Windows 10 collects data about users in order to comply with the French data protection act

Online Retailers That Cancel Purchases Continue To Utilize Personal Information Gathered During The Attempted Transactions

Joseph Steinberg

Furthermore, if we allow parties to use data collected in such a fashion is it not possible that we will encourage scammers to offer items for sale at “erroneous” prices specifically in order to collect data without having to deliver anything?

Retail 148

What Is Threat Intelligence? Understanding the Foundations of an Effective Threat Intel Program

Security Boulevard

The quality of your threat intelligence program directly correlates with how effectively your organization is able to protect itself from risks and keep sensitive data secure. Security Bloggers Network Blog Data Collection threat actors Threat Intel Threat Intelligence

TikTok Surreptitiously Collected Android User Data Using Google-Prohibited Tactic

Threatpost

data collection Encryption google mobile apps mobile devices Smartphones tiktok Wall Street JournalApp concealed the practice of gathering device unique identifiers using an added layer of encryption. Government Mobile Security Privacy Android ByteDance Ltd.

Amazon Fires Employee Who Leaked Customer Names, Emails

Threatpost

Breach Privacy amazon amazon data Amazon privacy customer notification data breach data collection Data sharing email address employee fired insider threat law enforcementAmazon notified customers and law enforcement of the insider-threat incident this week.

Data collection cheat sheet: how Parler, Twitter, Facebook, MeWe’s data policies compare

Security Affairs

CyberNews researchers analyzed data from multiple social platforms like Parler, Twitter, Facebook, MeWe’s to compare data policies. Users would need to read both Triller’s and Quickblox’ privacy policies to get a good idea of how their data is being collected and processed.

Facebook Privacy Glitch Gave 5K Developers Access to ‘Expired’ Data

Threatpost

Facebook has fixed a privacy issue that gave developers access to user data long after the 90-day "expiration" date. Facebook Privacy Cambridge analytics Data data collection Data sharing developer expired access Security social media third party app Third party apps

The TikTok Ban: Security Experts Weigh in on the App’s Risks

Threatpost

Government Malware Mobile Security Privacy app bans censorship China dangers data collection downloads mobile app security security concerns security experts Spying surveillance tik-tokWith no hard evidence of abuse, are bans warranted?

Covid-19 Spurs Facial Recognition Tracking, Privacy Fears

Threatpost

Government Privacy Biometrics coronavirus COVID-19 data collection Data Privacy facial recognition GDPR surveillance stateThe coronavirus pandemic is creating a lucrative market for facial recognition manufacturers. But privacy issues need to be top of mind, tech experts warn.

FTC Demands Broadband Providers Reveal Data Handling Practices

Threatpost

The FTC is ordering seven companies - including AT&T, T-Mobile, Comcast and more - to outline what data they collect, what they use the data for, and how transparent they're being with consumers. Government Privacy AT&T Comcast data collection Data Privacy FTC internet data ISP isp data collection Sprint T-Mobile

Europe under Review : Part 2 of 8 – Data Collection

Privacy and Cybersecurity Law

As the next in our series of “back to privacy basics”, we look the rules regarding collection and processing of […]. Europe

Wacom Tablet Data Exfiltration Raises Security Concerns

Threatpost

Wacom stated that its data collection is done only in aggregate -- but that doesn't fix the issues, according to security experts.

FTC Slams Children?s App Developer for COPPA Violations

Threatpost

Mobile Security Privacy children data privacy children's apps COPPA data collection Data Privacy enforcement action Federal Trade Commission fine FTC HyperBeard regulatoryChildren's app developer HyperBeard must pay $150,000 after the FTC claimed it violated privacy laws.

Govt.-Backed Contact-Tracing Apps Raise Privacy Hackles

Threatpost

Mobile Security Privacy apple California contact tracing COVID-19 data collection Electronic Frontier Foundation exposure notification Gavin Newsom google lawmakers legislators