Age verification forces a choice between "freedom of expression by not accessing content" or "increased security risks that will arise from data breaches and phishing sites"
ORG warns that Ofcom (UK) proposals could create new oppportunities for fraudsters to scam people into providing identification and payment information.
The #DPDIBill will make it easier for the UK government to turn private companies into informants through new legal grounds for data sharing and Ministerial powers to expand these purposes.
The government's disrespect of data rights is underpinned by the weak enforcement approach of the Information Commissioner's Office.
Public shaming, rather than legally binding enforcement actions and penalties, makes it possible to ignore data protection laws.
#Cars#Privacy#DataProtection#Honda#Surveillance: "I wanted to turn off data collection on my car because it’s creepy and I thought the option would be simple. It turns out that shutting off data collection and figuring out what’s been collected is much more difficult than it would seem. I know because it took me — a reasonably informed and technologically savvy person — a month to finally do so.
I’m in good company.
“It’s comically difficult,” Thorin Klosowski, a security and privacy activist at Electronic Frontier Foundation, who’s written about how to do just this, told me. “I do this for a living and I am not 100% positive I have gotten everything correct, which is ridiculous.”
In March, my husband and I bought a new Honda. When I turned on the car to leave the dealership, I got a notification telling me that data sharing was on. Right next to “on” was an “off” button. Simple enough! But when I hit “off” I got a message telling me it was “unable to change settings while network is invalid.” Right.
My children were screaming at me from the back seat, so I assumed this was a problem I could easily fix another time."
#CyberSecurity#DataBreach#Biometrics#FacialRecognition#DataProtection#Australia: "Police and federal agencies are responding to a massive breach of personal data linked to a facial recognition scheme that was implemented in bars and clubs across Australia. The incident highlights emerging privacy concerns as AI-powered facial recognition becomes more widely used everywhere from shopping malls to sporting events.
The affected company is Australia-based Outabox, which also has offices in the United States and the Philippines. In response to the Covid-19 pandemic, Outabox debuted a facial recognition kiosk that scans visitors and checks their temperature. The kiosks can also be used to identify problem gamblers who enrolled in a self-exclusion initiative. This week, a website called “Have I Been Outaboxed” emerged, claiming to be set up by former Outabox developers in the Philippines. The website asks visitors to enter their name to check whether their information had been included in a database of Outabox data, which the site alleges had lax internal controls and was shared in an unsecured spreadsheet. It claims to have more than 1 million records.
The incident has rankled privacy experts who have long set off alarm bells over the creep of facial recognition systems in public spaces such as clubs and casinos."
#Surveillance#Privacy#DataProtection#AdTech: "Nearly every time we load new content on an app or a Web site, ad-exchange companies—Google being the largest among them—broadcast data about our interests, finances, and vulnerabilities to determine exactly what we’ll see; more than a billion of these transactions take place in the U.S. every hour. Each of us, the data-privacy expert Wolfie Christl told me, has “dozens or even hundreds” of digital identifiers attached to our person; there’s an estimated eighteen-billion-dollar industry for location data alone. In August, 2022, Mozilla reviewed twenty pregnancy and period-tracking apps and found that fifteen of them made a “buffet” of personal data available to third parties, including addresses, I.P. numbers, sexual histories, and medical details. In most cases, the apps used vague language about when and how this data could be shared with law enforcement. (A 2020 foia lawsuit filed by the A.C.L.U. revealed that the Department of Homeland Security had purchased access to location data for millions of people in order to track them without a warrant. ice and C.B.P. subsequently said they would stop using such data.) The scholar Shoshana Zuboff has called this surveillance capitalism, “a new economic order that claims human experience as free raw material for hidden commercial practices of extraction, prediction, and sales.” Through our phones, we are under perpetual surveillance by companies that buy and sell data about what kind of person we are, whom we might vote for, what we might purchase, and what we might be nudged into doing." https://www.newyorker.com/culture/the-weekend-essay/the-hidden-pregnancy-experiment
Another data broker is telling me that they have a „legitimate interest“ in scraping and selling my data because they need to for their business. 🙄 That is not enough.
When someone claims legitimate interest, they have to show that your rights and freedoms do not outweigh their interests. „We want to because money!“ does not quite do that!
Psychology news robots distributing from dozens of sources: https://www.clinicians-exchange.org
. Does HIPAA Even Exist for Large Corporations?
I don't care if anyone knows I just got a COVID vaccine. Most people
don't care.
However, CVS Pharmacy just sent me an after-visit report across
unencrypted Internet to my email address.
The form included such fields as:
-- My Full Name
-- DATE OF BIRTH!
-- My Full Home Address
-- Medication Administered
-- Date and Time of Appointment
-- Name of Pharmacist I saw
-- Name of Doctor at CVS overseeing it all
-- Name and Address of my Primary Care Doctor
Also:
-- All the answers to my screening questionnaire! including my yes/no
answers to multiple medical conditions such as heart problems,
immunocompromise, seizures & other brain problems, and pregnancy.
So many things wrong here. This is almost enough information for
identity theft (lacking only SSN). It gives away LOTS of my medical
information. If I had a Gmail email address, Google would now have all
this information. What if I was a pregnant female in the southern USA
where Attorney Generals are starting to track state of pregnancy for
later prosecution if women go out-of-state for abortions or have a
suspicious (to them) miscarriage?
*How does CVS get away with this when smaller medical offices have to
be so careful?
*
“NARA will block access to commercial ChatGPT on NARANet [an internal network] and on NARA issued laptops, tablets, desktop computers, and mobile phones beginning May 6, 2024,” an email sent to all employees, and seen by 404 Media, reads. “NARA is taking this action to protect our data from security threats associated with use of ChatGPT.”
The move is particularly notable considering that this directive is coming from, well, the National Archives, whose job is to keep an accurate historical record. The email explaining the ban says the agency is particularly concerned with internal government data being incorporated into ChatGPT and leaking through its services."
This week we held an online briefing about our report, 'Prevent and the Pre-Crime State: How unaccountable data sharing is harming a generation.'
Hear more about the UK Prevent programme and its dangers from Sara Chitseko (ORG), Dr Layla Aitlhadj (PreventWatch), Ilyas Nagdee (Amnesty International UK and Professor Charlotte Heath-Kelly (The University of Warwick).
Asylum seekers and refugees are right not to feel secure over their data.
New research from the University of Oxford and the University of Glasgow has found that pre-payment cards given to UK asylum seekers by the Home Office are collecting purchasing data with restrictive rules.
The research finds that this creates 'new modes of social control' with detrimental impacts on well-being for asylum seekers.