Privacy News: January 9

Lots of surveillance stories, fines for Facebook, Google, and Apple, and much much more!

Surveillance

Fighting ‘Big Brother’: Anti-surveillance advocates in New York seek to halt creeping proliferation of cameras and tracking software

Ben Brachfeld on amNewYork (amny.com)

Anti-surveillance activists are working with progressive lawmakers in Albany seeking to curtail the proliferation of “Big Brother” as as government and corporate surveillance become an increasing part of everyday life.  The coalition plans to unveil on Monday a 10-point blueprint to make New York a “sanctuary state” against surveillance, starting with bills to ban “geofence warrants” and prohibit police from using fake social media accounts to ensnare suspects.

Conservative group targets migrant cell phone data at NGOs, raising privacy concerns

Pablo De La Rosa on Texas Public radio (tpr.org)

The Heritage Foundation locked on to the locations of at least 30,000 cell phones at non-government (NGO) migrant aid shelters and Customs and Border Protection (CBP) facilities. The Washington D.C.-based conservative think-tank then continued tracking the movement of the devices across the country over the course of at least a month in January 2022.  Catholic Charities of the Rio Grande Valley and the Del Rio and Val Verde CBP processing stations in Texas were among the more than 30 migrant facilities that were “geofenced” for data tracking in a report released in December by Heritage.

San Francisco Police Are Using Driverless Cars as Mobile Surveillance Cameras

Aaron Gordon on vice.com

“Autonomous vehicles are recording their surroundings continuously and have the potential to help with investigative leads,” an internal training document states.

Tracked, detained, vilified: How China throttled anti-covid protests

Cate Cadell on The Washington Post (washingtonpost.com)

After widespread protests, China relaxed its strict covid controls. But on the protesters themselves, the government unleashed a police state brimming with new surveillance technology.

Controversial Facial Recognition Software Has Been Implemented At Airports Across America – How Will Travelers Respond?

Will McGough on Forbes (forbes.com)

The program claims to make security screening faster and safer. But there are privacy and data concerns as well.

Facebook, Google, and Apple fined

Meta prohibited from use of personal data for advertisment

noyb (noyb.eu)

This is a big one, because the Irish Data Protection Commission not only handed out a big fine, it required Facebook, Instagram and WhatsApp to get opt-in consent to use the personal data of users for behavioral advertizing in the EU.   Of course, Facebook et al will no doubt try to come up with another legal basis for using the data, at which point there will be another court case, but this is the biggest threat yet to their business model.  Kudos to noyb, which first brought the complaint five years ago!

ALSO:

Apple fined €8M in French privacy case

Laura Kayali on POLITICO (politico.eu)

France’s data protection authority CNIL has fined Apple €8 million for privacy violations. The regulator found that the U.S. tech giant did not “obtain the consent of French iPhone users (iOS 14.6 version) before depositing and/or writing identifiers used for advertising purposes on their terminals,” according to a statement released Wednesday.

ALSO:

Google to Pay $23 Million in Search Privacy Deal With Users

Andrea Vittorio on Bloomberg Law (news.bloomberglaw.com)

Alphabet Inc.’s Google agreed to pay $23 million to resolve a long-running lawsuit brought by consumers who claimed its search engine shared their queries with advertisers or other third parties without their permission.

ALSO:

State privacy law

All things ‘California Privacy Law’ with Lothar Determann

on International Association of Privacy Professionals (iapp.org)

IAPP Editorial Director Jedidiah Bracy, CIPP, chats with Lothar Determann about the new edition of ‘California Privacy Law.’

ALSO:

And …

Twitter leak: 200m+ account database now free to download

Jessica Lyons Hardcastle on The Register (theregister.com)

No passwords, but planety of stuff for social engineering and doxxing.

ALSO:

Meet The Spy Tech Companies Helping Landlords Evict People

Nick Keppler on vice.com

The growing ‘proptech’ industry is now explicitly marketing surveillance tech as a way to evict tenants and raise rent.

Adobe will use your work to train its AI algorithms

Katyanna Quach on The Register (theregister.com)

Content analysis system scans data stored on its Creative Cloud services

Advancing ethics review practices in AI research – Nature Machine Intelligence

Madhulika Srikumar on Nature (nature.com)

The implementation of ethics review processes is an important first step for anticipating and mitigating the potential harms of AI research. Its long-term success, however, requires a coordinated community effort, to support experimentation with different ethics review processes, to support experimentation with different ethics review processes, to study their effect, and to provide opportunities for diverse voices from the community to share insights and foster norms.

It’s 2023, and tech is still pushing unsafe products

Tatum Hunter on The Washington Post (washingtonpost.com)

CES brings a flood of new products for consumers — often with little vetting from their makers.

Back into the Trenches of the Crypto Wars

Julia Angwin on The Markup (themarkup.org)

A conversation with Meredith Whittaker

Apple wins US biometric privacy case on appeal

Jim Nash on BiometricUpdate.com (biometricupdate.com)

Apple does not violate BIPA by offering owners of its mobile devices the ability to unlock the operating system using their fingerprint or face.

Global Spyware Scandal: Exposing Pegasus

on FRONTLINE (pbs.org)

“Global Spyware Scandal: Exposing Pegasus,” a 2-part documentary from FRONTLINE and Forbidden Films, reveals how the NSO Group’s Pegasus spyware was used on journalists, activists, and others.

The Hidden Cost of Cheap TVs

Justin Pot on The Atlantic (theatlantic.com)

Screens have gotten inexpensive—and they’re watching you back.

5 reasons why data privacy compliance must take center stage in 2023

Ameesh Divatia, Baffle, Inc. on VentureBeat (venturebeat.com)

Companies that are proactive in their data privacy and security compliance approaches will find themselves in an enviable position in 2023.

You must now verify your drivers license to watch Pornhub in Louisiana

Amanda Silberling on TechCrunch (techcrunch.com)

At the start of the year, a new law went into effect in Louisiana that requires age verification checks on porn sites.

The ‘godfather of crypto’ wants to create a privacy-focused CBDC: Here’s how

Erhan Kahraman on Cointelegraph (cointelegraph.com)

David Chaum explains his game plan to create a central bank digital currency (CBDC)  that would also be appreciated by the crypto ecosystem in an exclusive interview.

Facial recognition error led to wrongful arrest of Black man, report says

Jon Brodkin on Ars Technica (arstechnica.com)

Lawyer says police didn’t check man’s height, weight—or the mole on his face.

Crystal ball privacy in 2023: US states, kids and AI

on International Association of Privacy Professionals (iapp.org)

Goodwin Procter Partner and IAPP Senior Fellow Omer Tene offers a look ahead at privacy in the U.S. for the upcoming year.

The Silicon Ceiling: How Artificial Intelligence Constructs an Invisible Barrier to Opportunity

See all articles by Elana Zeide on papers.ssrn.com

Algorithmic assessments increasingly shape individuals’ success in education and employment. Schools, recruiters, and companies now rely on automated platforms

Apple’s Illinois Biometric Privacy Win Expands Compliance Tools

Skye Witley on Request a Free Demo (news.bloomberglaw.com)

Companies gained a limited new edge in defending their compliance with Illinois’ biometric privacy law, following a recent state appeals court ruling that Apple Inc.’s face and finger identification tools don’t violate the statute.

California’s Sephora Settlement Puts Consumer Privacy First

Jonathan Joseph on Security Boulevard (securityboulevard.com)

Last fall, California drew first blood when it agreed to a $1.2 million settlement with Sephora over the cosmetics company’s violations of the California

Billie Eilish Got Doxxed on the Citizen App

The A.V. Club on Gizmodo (gizmodo.com)

The Citizen app reportedly sent a push notification with Billie Eilish’s address to 78,000 people as her home was being burglarized.

Controversy illuminates rise of facial recognition in private sector

ABC News on ABC News (abcnews.go.com)

Facial recognition software was used bar an audience member from a New York City theater.

Health authority failed to properly report privacy breach, N.W.T. privacy commissioner says

CBC on Yahoo News (ca.news.yahoo.com)

The N.W.T. information and privacy commissioner said the territory’s health authority failed to properly report a privacy breach involving personal medical information that was mistakenly shared with the wrong patient. The commissioner found that the department violated the Health Information Act by…

The latest lesson on biometric data privacy could cost people’s lives

Jim Nash on BiometricUpdate.com (biometricupdate.com)

Two United States government documents about the use of biometric identification in occupied Afghanistan lack any mention of data security on the ground.

Pivotal Moments In Data Privacy History

Brandon Taylor on InformationWeek (informationweek.com)

In the last 18 years, the internet has evolved at warp speed to keep up with busier lives and a craving for mobility, while also trading access for privacy.

Germany could become MEPs’ ally in AI Act negotiations

Luca Bertuzzi on EURACTIV (euractiv.com)

Inter-institutional negotiations on the AI Act are expected later this year, and while the EU Council has reached its position, Germany has reservations on certain points that bring it closer to the European Parliament’s position than that of other member states.

Researchers Could Track the GPS Location of All of California’s New Digital License Plates

on vice.com

After gaining access to a powerful administrative account, the researchers could perform all sorts of tasks inside Reviver, the sole company that sells the digital plates in California.

How do ‘technical’ design-choices made when building algorithmic decision-making tools for criminal justice authorities create constitutional dangers? (Part I)

See all articles by Karen Yeung on papers.ssrn.com

This two-part paper argues that seemingly ‘technical’ choices made by developers of machine-learning based algorithmic tools used to inform decisions by crimina

Brandon Vigliarolo on The Register (theregister.com)

Facebook, Insta told to pay up, make changes to data slurping process within 3 months

Palantir’s Covid-era UK health contract extended

Lindsay Clark on The Register (theregister.com)

US spy-tech firm’s controversial work with patient data pushed out 6 months due to delayed data platform procurement

ALSO:

The Silicon Ceiling: How Artificial Intelligence Constructs an Invisible Barrier to Opportunity

See all articles by Elana Zeide on papers.ssrn.com

Algorithmic assessments increasingly shape individuals’ success in education and employment. Schools, recruiters, and companies now rely on automated platforms

No more holidays for US telcos, FCC is cracking down

Brandon Vigliarolo on The Register (theregister.com)

Also, LastPass faces class action, and Louisiana says that, while the internet may be for porn, ID is still required


Image Credit: Privacy by Nick Youngson licensed under CC BY-SA 3.0 from Alpha Stock Images via Picpedia.