Companies doing business in the United States should have liability for users and customers' personal information. Companies sharing that data with third parties should retain that liability, and the third parties should accrue additional liability. (NOT assume responsibility for the liability!) By liability, I don't mean "pay for credit monitoring from a company that has previously lost the same data", I mean cash on the barrel head, payable to the customer liability. #privacy#pii#security
I attempted to play putt-putt today. I was asked to create an account, which included some #PII, including name, DOB, email address, phone number, etc.
I declined to give them my info. I was told I could not play without it. So I left.
Where will it end? Are we hurtling towards a future where you'll be required to provide #PII ...
🔹To buy groceries?
🔹To get gas?
🔹To get a soda from a vending machine?
Just like social security numbers, passport information, and other information that can be used to identify you, your email is PII - personally identifiable information.
Yet many services pretend like it isn’t.
The best way to protect your identity online is to use a #SimpleLogin alias whenever you’re asked to share your email address.
@simplelogin The problem is that many online services treat #email addresses like SSNs—a way to correlate you to other services.
Something seemingly innocuous, like suggesting friends and associates find you based on the email address they know or have in their contacts, is another way to link you to your actions outside the service.
Take #Google alone. Did you ever do a data takeout? They literally have gigabytes of raw plain-text data on you, collected from all your devices and their sensors. There are 1,000's of data hoarders like that.
What can AI trained on a billion individuals datasets on All About People™ do?
Affected #PII and #PHI of Clay County residents as well as other Minnesota counties' residents who used Social Services.
Interesting disclosure in terms of sharing investigation details. It doesn't come out and say directly whether they paid or not, but tells people they can request the full investigation details report.
@Tutanota I believe every website that uses #trackers to provide #pii to feed the #adtech beast should provide its visitors with such simple tutorial videos. An important first step in getting people to start understanding the 'cost' they pay for that wonderful, free to use online #software
The alleged Aadhar data breach, which is being seen as the biggest data breach in India’s history, raises serious questions about the security and reliability of India’s digital public infrastructure.
The Perry Johnson & Associates (PJ&A) breach that affected 1.2 million patients of Cook County Health in Illinois also affected millions of Northwell Health patients on Long Island,
PJ&A is a medical transcription service so lots of #PII and #PHI appear to be involved in this one.
The actual breach/exfil occurred months ago. So far, I've not found any attribution, any indication of any extortion/ransom demand, or any group claiming responsibility for this one.
In the recent case where 5 hospitals in southwestern Ontario suffered a cybersecurity attack, they have confirmed today that it was due to ransomware and that certain employee & patient data was leaked by the ransomware operators.
The affected hospitals and their non-profit IT provider are still trying to figure out the full extent of the breach and are also working with law enforcement & cyber-breach experts as well.
🤩 Aren't you just delighted by all those proprietary software apps for the #Fediverse?
😮 Don't be. Each time you choose proprietary you help turn the fedi slowly in the direction of the usual corporate hellscape that the rest of the Web already is.
😨 And then we end up in an online space where for years we can complain to each other how we squandered an opportunity and how #capitalism won once more.
🎯 Use #FOSS apps instead, created by the public for the public.
Yesterday on the #Dutch talkshow Op1 one topic was about the worrying services provided by #ClearviewAI who recognize billions of faces and provide #PII based on an image that's provided to them. The services are used (in a legal limbo) by countless agencies and companies. When this stuff gets available to the public in apps, any shady figure can doxx whomever they can photograph on their mobile. Scary dystopic stuff. #Privacy dies.
"'We do not share SAT scores or GPAs with Facebook or TikTok, and any other third parties using pixel or cookies,” said a College Board spokesperson. 'In fact, we do not send any [PII] through our pixels on the site....'
After receiving this comment, Gizmodo shared a screenshot of the College Board sending GPAs and SAT scores to TikTok using a pixel. The spokesperson then acknowledged that the College Board’s website actually does share this data."
#LinkedIn be like "Oh, you fiddled with your notification settings? This is an opportunity for us to apply some #DeceptiveDesign and push every fart someone leaves on our network down your throat"
No, you are wrong LinkedIn. I wanted less notifications, not more. But what can you expect when you expose yourself to #SurveillanceCapitalism 🤷
#LinkedIn is a weird network. It always existed a bit in the shadow of the well-known social media. Part is professional network, 'rolodex-like' and then there's the timeline full of platitudes and full of people debasing themselves for 'business reasons' I suppose.
And LI is king of #DeceptiveDesign. Especially on the mobile side, if you refuse to use their app. The Firefox site is deliberately limited in many subtle and annoying ways.
I decided to give Privacy(dot)com a look. They offer a 'virtual credit service' that allows you to hide your real credit card information when making online purchases.
Not surprisingly, you have to create an account to use the service. To start, they wanted my email address, real name, date of birth, and last 4 digits of my social security number.
Barrow County GA issued a breach notice about a breach of its email environment that occurred between March and August of last year.
"The type of information at issue varied for each individual, but included a variation of the following:
name; date of birth, Social Security number; driver’s license or state identification number, financial account
information, credit or debit card information, including the expiration and CVV code, clinical and treatment
information, medical provider information, prescription information, insurance policy information, and/or patient
account or medical record numbers."
EU advances rules that wrestle control of user data away from Big Tech (www.theverge.com)
Including protections against unlawful data transfers.