Privacy professionals

Privacy professionals

TikTok also updated its Terms of Service and Privacy Policy to inform users that it will be collecting "new types of information," including device geolocation. What has , though, is a clause stating that the app will also collect any information they disclose about their race, religion, health, sexual orientation, gender identity and citizenship or immigration status. Interestingly, this language was likely added in , which is before President Trump returned to office.

Parents and guardians in the UAE are now legally required to supervise their children's online activity under the country's new Child Digital Safety Law, which transforms digital safety from guidance into enforceable responsibility. The legislation applies not only to families but also to global platforms used by children in the UAE, even if those companies have no physical presence in the country.

"I'm a big believer in the free market. But we have to admit when the free market is not working. And it hasn't worked here,"

TikTok's new US joint venture has made changes to its privacy policy that include expanding the type of location data the company can collect from its 200 million American users. The new policy was published after investors closed a deal with TikTok's Chinese owner ByteDance on Thursday to run the popular short-form video app's business in the US. The new joint venture said in its updated privacy terms that it may now "collect precise location data, depending on your settings"

Today, I'm talking with Alex Lintner, who is the CEO of technology and software solutions at Experian, the credit reporting company. Experian is one of those multinationals that's so big and convoluted that it has multiple CEOs all over the world, so Alex and I spent quite a lot of time talking through the Decoder questions just so I could understand how Experian is structured, how it functions, and how the kinds of decisions Alex makes actually work in practice.

Microsoft provided the FBI with the recovery keys to unlock encrypted data on the hard drives of three laptops as part of a federal investigation, Forbes reported on Friday. Many modern Windows computers rely on full-disk encryption, called BitLocker, which is enabled by default. This type of technology should prevent anyone except the device owner from accessing the data if the computer is locked and powered off.

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

We're diving into these data breaches and more with our latest EFFector newsletter. Since 1990, EFFector has been your guide to understanding the intersection of technology, civil liberties, and the law. This latest issue tracks U.S. Immigration and Customs Enforcement's (ICE) surveillance spending spree, explains how hackers are countering ICE's surveillance, and invites you to our free livestream covering online age verification mandates.

Most AI coding tools work by sending your code somewhere else. When you use Cursor, your code snippets travel to Cursor's backend (hosted on AWS) before being forwarded to model providers like OpenAI and Anthropic. Claude Code sends files and prompts directly to Anthropic's servers. This architecture works fine for most teams, but for healthcare companies handling PHI, financial institutions under SOC 2, or government contractors with classified codebases, any external data transmission can violate compliance requirements, regardless of encryption or zero-retention agreements.

The practice has come under legal scrutiny due to the lacking regulartory environment it operates in, with the ICO and multiple UK courts issuing findings against GPS tagging in immigration contexts. In addition to our ethical and legal concerns with tagging, the practice is ineffective at its stated purpose of reducing absconding and maintaining contact with migrants released on immigration bail.

Baton Rouge bought the Stalker VXE30 from Edge Autonomy, which partners with Lockheed Martin , and began operating under the brand Redwire this week . According to reporting from WBRZ ABC2 in Louisiana , the drone, along with training and batteries, costs about $1 million.

Identity theft: Saratoga residents reported that someone used their personal information to access their financial investment account and made fraudulent transactions totaling approximately $12,600. The transactions were cancelled, and no financial loss was incurred. Jan. 10 Theft by false pretenses: A Saratoga resident reported that someone hacked a former coworker's social media account, posted a vehicle for sale and collected approximately $12,000 from them via wire transfer, but then never provided the vehicle.

Having had a fairly analogue childhood in the late '90s/early 2000s, the scope of my baby and childhood photos extends to the odd physical photo album and a couple embarrassing framed pics around my family home. The rapid digital revolution, particularly the arrival of social media, drastically changed media storage and the landscape of photo/video sharing.

OCR continues to execute its enforcement mission under its statutory and regulatory authorities regarding civil rights, exercise of conscience, and health information privacy and security, and breach notification. OCR continues to investigate complaints filed, to conduct compliance reviews, and to review breaches of unsecured protected health information. OCR will be responsive to the HIPAA trends and compliance issues within OCR's jurisdiction that are affecting the public and the regulated industry.

The Federal Trade Commission said Wednesday it has finalized an order that bans General Motors and its OnStar telematics service from sharing certain consumer data with consumer reporting agencies. The finalized order, which comes a year after the agency reached a proposed settlement with GM, also requires the automaker to be more transparent with its consumers and obtain their explicit consent on any data collection.

For an annual fee of roughly $200,000 SANDAG grants immigration enforcement agencies, including Customs and Border Protection (CBP), access to the database, which is known as ARJIS. The database contains information from every law enforcement agency in San Diego County - which includes traffic citations, arrest records, field interviews, a local jail census and some driver license records. Local police agencies have shared data with their federal counterparts through ARJIS for decades.

Until now, those instructions had to be delivered to each data broker individually - not an easy feat, given that more than 500 brokers were registered in the state as of the end of last year. Making things even more difficult, some brokers obscured their opt-out forms from search results, as The Markup and CalMatters revealed in August. The new system delivers privacy instructions to every registered broker at once.

Almost 20 years ago, Apple CEO Steve Jobs announced the iPhone as "an iPod, a phone, an internet communicator." The world swooned at the time because that one device was all those things, and more. Today it is our wallet, our identity, our social media, our likes, dislikes, fitness levels, bank accounts, as well as our personal, sexual, and political identity.

Within days, hundreds of thousands of requests were being made to the Grok chatbot, asking it to strip the clothes from photographs of women. The fake, sexualised images were posted publicly on X, freely available for millions of people to inspect. Relatively tame requests by X users to alter photographs to show women in bikinis, rapidly evolved during the first week of the year, hour by hour, into increasingly explicit demands for women to be dressed in transparent bikinis, then in bikinis made of dental floss,

On Thursday, the company announced a new "AI Inbox" tab, currently in a beta testing phase, that reads every message in a user's Gmail and suggests a list of to-dos and key topics, based on what it summarizes. In Google's example of what this AI Inbox could look like in Gmail, the new tab takes context from a user's messages and suggests they reschedule their dentist appointment, reply to a request from their child's sports coach, and pay an upcoming fee before the deadline.

The Internet Watch Foundation (IWF) says its analysts have discovered "criminal imagery" of girls aged between 11 and 13 which "appears to have been created" using Grok. The AI tool is owned by Elon Musk's firm xAI. It can be accessed either through its website and app, or through the social media platform X. The IWF said it found "sexualised and topless imagery of girls" on a "dark web forum" in which users claimed they used Grok to create the imagery.

California isn't the only state to enact stronger consumer privacy laws in recent years, but its Delete Requests and Opt-Out Platform (DROP) is the first of its kind. The tool is live now, though brokers won't begin processing submissions until August. Here's what to do now if you live in California-and some options for removing your information from data brokers if you don't.

This tactic of using browser extensions to stealthily capture AI conversations has been codenamed Prompt Poaching by Secure Annex. The two newly identified extensions "were found exfiltrating user conversations and all Chrome tab URLs to a remote C2 server every 30 minutes," OX Security researcher Moshe Siman Tov Bustan said. "The malware adds malicious capabilities by requesting consent for 'anonymous, non-identifiable analytics data' while actually exfiltrating complete conversation content from ChatGPT and DeepSeek sessions."

IT security teams, especially the compliance cast, love drama. The slower, more arcane, and less intelligible the script, the louder the applause. Every few years, someone strides onstage with a seemingly edgy rallying cry: "Let's burn it all down and start again!" Let's be honest: torching the set doesn't fix the play. The real villain isn't any one framework. It's the lackluster production we force our best people to perform "assessments" that consume weeks, cost a fortune, and deliver stale, unread artifacts.