Privacy professionals

Privacy professionals

You and Debbie downer should know that when you attempted to log into my disabled Facebook account I received a text message that an attempt was made. I know it was you because it was the same day the two of you were having a little meeting about our neighborhood Facebook page. Your nephew also threw you under the bus anytime you talked crap about me.

There's hardly ever such a thing as truly free money. We pay for everything, in some way: with labor, with time, with suffering. So getting a payment from a tech or social media settlement isn't exactly free - it's likely the company messed up in some way and it legitimately owes you that cash - but it certainly can feel like getting free money. And if you're already using the tech or platform, then you might as well get paid for the issue.

Today's reminder of the insider threat comes to us from the National Health Service in the U.K. Craig Meighan and Billy Gaddi report: A woman has been charged after Scots patients had their private medical records accessed during an NHS data breach. Reports suggest around 100 patients in NHS Lothian could have had their records accessed as a result of the incident. The health board said it discovered patients in the region may have had their information "inappropriately accessed" during routine monitoring.

When asked backstage what Waymo is doing to change the perception of its vehicles, Mawakana pointed to the company's push to put local artists' designs on some cars as part of a broader effort to "make the fleet more a part of the community." But while Waymo often pushes back on surveillance requests, she said the company has to "continue to work with first responders to help us address this challenge" of vandalism.

October is Cybersecurity Awareness Month, and TikTok has launched a range of new tips videos and pointers to help users improve the security of their profiles, and ensure they avoid common scams and schemes. Because more and more people are falling for online scams, with the FBI's Internet Crime Complaint Center reporting a record $16.6 billion in consumer losses in 2024.

Britain's data watchdog has fined a sole trader £200,000 for nearly a million spam texts targeting people in debt - almost 20 pence per message. Bharat Singh Chand sent 966,449 messages about debt solutions and energy saving grants from 383 mobile numbers between December 3, 2023, and July 3, 2024, according to the Information Commissioner's Office (ICO). This resulted in the fine confirmed today.

Their Royal Highnesses the Prince and Princess of Wales have been successful in legal proceedings brought in France against the owner of Paris Match, which published a grossly intrusive article and long-lens paparazzi photographs of their private family holiday in the Alps in April. The ruling affirms that, notwithstanding their public duties as members of the royal family, their Royal Highnesses and their children are entitled to respect for their private lives and family time, without unlawful interference and intrusion.

Kids watch a lot of YouTube. Google's keenly aware of that: It offers a version of the YouTube app that's explicitly made for children's content in YouTube Kids, and earlier this year, rolled out a controversial AI-based age estimation system to automatically flag accounts that may be used by minors. These measures are meant in part to help Google avoid legal trouble - like a 2019 class-action suit filed in California accusing Google and YouTube of violating privacy laws by collecting information about minors

When Apple dropped App Tracking Transparency (ATT) prompts in iOS 14.5 back in 2021, it was a watershed moment for user privacy within third-party applications. Nothing like it had existed prior. The initiative gave iPhone users control over whether their in-app data could be aggregated and shared with third parties for advertising or other various purposes. Still, today, I often find comments online from people who don't really know what it does and find the wording very taboo.

DEAR MISS MANNERS: I occasionally enjoy having lunch at a restaurant with a group of longtime friends. All is well until the time comes when they want to take a group photo, which, of course, gets posted on Facebook. I do not post on social media. I do not want my life, in words nor photos, posted. So I quietly say I'll back out of camera range, as I don't want a picture of me posted online.

Those AI tools are being trained on our trade secrets. We'll lose all of our customers if they find out our teams use AI. Our employees will no longer be able to think critically because of the brain rot caused by overreliance on AI. These are not irrational fears. As AI continues to dominate the headlines, questions about data privacy and security, intellectual property, and work quality are legitimate and important.

"As a result, we don't need as many roles in some areas as we once did," he wrote, without disclosing the number of affected roles. Protti said Meta is making the changes as it has invested in "building more global technical controls" over the past few years, and has made "significant progress" in its approach to risk management and compliance.

During the sign-up process, new members complete a "liveness check" by taking a short video selfie within the app. The procedure collects and stores an encrypted map of information about the shape of the user's face. "We don't store a picture of your face, it's not photo recognition, it's data points about the shape of your face that are turned into a mathematical hash," says Yoel Roth, head of Trust and Safety for Match Group, which owns Tinder. Tinder then uses that "hash" to check whether a new sign-up matches an account that already exists on Tinder.

To that end, the company said it's introducing new warnings on WhatsApp when users attempt to share their screen with an unknown contact during a video call so as to prevent them from giving away sensitive information like bank details or verification codes. On Messenger, users can opt to enable a setting called "Scam detection" by navigating to Privacy & safety settings.

Details have emerged of a troubling case in which a basic engineering mistake wrecked a digital evidence investigation and led to wrongful accusations. An open judgment [PDF] published by the UK's Investigatory Powers Tribunal, which is responsible for investigating claims of British authorities illegally abusing their powers during the course of an investigation, detailed the impact on three people wrongly accused of child sex offences.

"To maximize freedom for our users, only sexual content involving minors is considered prohibited," reads an updated company document about what will be allowed, suggesting wide latitude for developers to use the company's platform to craft naughty experiences for users. As observers quickly pointed out, it was a pretty astonishing reversal for the company. Just two months ago, its CEO Sam Altman had boasted on a podcast that OpenAI hadn't "put a sexbot avatar in ChatGPT yet" - even though, he conceded at the time, doing so would be sure to boost engagement.

A Facebook feature that gives Meta AI the ability to suggest edits to photos stored on your phone's camera roll, but haven't yet been shared, is now rolling out to all users in the U.S. and Canada. The company announced on Friday that users can choose to opt in to receive these sharing suggestions, which will then prompt them to post photos to their Facebook Feed and Stories with the AI edits. First launched as a test over the summer, Facebook's app pops up a permission dialog box requesting access to "allow cloud processing" so users can get "creative ideas made for you from your camera roll." This box explains that the feature could offer ideas like collages, recaps, AI restyling, birthday themes, and more for the end user.

In this issue, we're helping you take control of your online privacy with Opt Out October; explaining the UK's attack on encryption and why it's bad for all users; and covering shocking new details about an abortion surveillance case in Texas. Prefer to listen in? Check out our audio companion, where EFF Security and Privacy Activist Thorin Klosowski explains how small steps to protect your privacy can add up to big changes. Catch the conversation on YouTube or the Internet Archive.

"When you read content on X, you should be able to verify its authenticity," Bier posted on X. "This is critical to getting a pulse on important issues happening in the world."

In the screenshot, you can see that the "About this account" page shows the date the user joined X, the number of times the username changed and the date of last change, the location the account is "based in," and a "Connected via" field that shows how the user is getting onto X. Bier's post generated a series of follow-up comments, some of which he responded to with more details about the service.

It is often difficult for people in India to remember life before Aadhaar. The digital biometric ID, allegedly available for every Indian citizen, was only introduced 15 years ago but its presence in daily life is ubiquitous. Indians now need an Aadhaar number to buy a house, get a job, open a bank account, pay their tax, receive benefits, buy a car, get a sim card, book priority train tickets and admit children into school.

LinkedIn Corp. must face three related lawsuits alleging it collected the sensitive information of visitors to several health-related websites without their consent in violation of California privacy laws. The individual plaintiffs in two of the proposed class actions adequately pleaded claims of invasion of privacy under the California Constitution and violations of section 632 of the California Invasion of Privacy Act, Judge Edward J. Davila of the US District Court for the Northern District of California said Oct. 10.

Our live panel featured (EFF Associate Director of Community Organizing), (EFF Staff Technologist), Mitch Stoltz (EFF IP Litigation Director) and Yael Grauer , Program Manager at Consumer Reports. Together, they unpacked how we arrived at a point where a handful of major tech companies dictate so much of our digital rights, how these monopolies erode privacy, and what real-world consequences come from constant data collection-and most importantly, what you can do to fight back.