sovereignty

sovereignty

/sovereignty98

A home for digital sovereignty advocates and enthusiasts on Farcaster

Spain’s data watchdog just told Worldcoin to delete all the iris scan data they’ve collected in the country. Apparently, Worldcoin has been under investigation since July for privacy concerns.

the agency is saying Worldcoin’s biometric data collection might be violating EU laws, especially GDPR… curious to see how this plays out.

https://www.reuters.com/markets/currencies/spanish-watchdog-tells-worldcoin-delete-all-iris-scan-data-2024-12-19/

@gigarahul.eth·

your airfryer might be snitching on you: a report found that apps for the Xiaomi Mi Smart and Aigostar fryers are asking for permissions to record audio and track your location.

Xiaomi’s airfryer app links to trackers from Facebook, TikTok (Pangle), and Tencent… and Aigostar and Xiaomi even send user data to servers in China—buried deep in their privacy notices.

https://www.thesun.co.uk/news/32312788/air-fryer-spying-household-gadgets-data/

Google just won a court case in the UK about a medical data-sharing deal from 2015. a patient tried suing on behalf of 1.6m people, saying their privacy was misused after the Royal Free NHS Trust gave Google Deepmind access to patient data to build a kidney injury app.

the courts tossed it out, saying they couldn’t prove everyone’s info was misused or that they had privacy expectations for the data, and the appeal was denied too.

https://www.reuters.com/technology/google-defeats-uk-privacy-lawsuit-over-medical-data-deal-2024-12-11/

since Nov 27th, PayPal has been sharing detailed shopping data (like your purchase history, brand preferences, and clothing sizes) with retailers to help them target ads. you can opt out, but it’s buried in settings: go to profile > data & privacy > toggle off "personalized shopping."

many banks and fintechs like Chase, Citibank, and BofA, and Affirm share your data too—check the settings on all your financial apps to toggle data sharing off.

https://www.wsj.com/personal-finance/paypal-sell-customer-purchase-data-266b0e79

the CFPB wants to fight predatory data brokers by treating them like credit reporting agencies. their proposal would require data brokers to obtain “separate, explicit authorization” before acquiring or sharing personal data, rather than burying these permissions in expansive ToC documents.

but they're facing opposition from none other than Elon Musk and other members of the Trump administration... https://www.wired.com/story/cfpb-fcra-data-broker-oversight/

U.S. officials are urging the use of end-to-end encrypted messaging apps like Signal after a massive cyberattack, reportedly from China, compromised call metadata, live calls, and sensitive systems at telecom giants AT&T, Verizon, and Lumen.

the breach remains unresolved and officials warn there’s no timeline for when telecom systems will be fully secure. to protect your online communications, they recommend switching to E2EE apps and enabling phishing-resistant 2FA.

https://www.nbcnews.com/news/amp/rcna182694

Niantic, the creator of Pokemon Go, has been collecting players' location and AR data to train a "large geospatial model" it plans to sell to third parties.

the data collection happens even when the app isn't actively in use and there is no way to turn location data sharing off without deleting the app.

https://www.thesun.ie/tech/14237188/pokemon-go-location-ar-data-train-ai/

Australia's PM has proposed a law to ban kids under 16 from using social media to protect their health. platforms like Instagram, TikTok, and Snapchat will need to do strict age checks (like biometrics or IDs) or face fines up to $32m.

they say all data used for verification will be destroyed and there will be no exceptions for parental consent or existing accounts, but critics like Elon Musk say this will lead to internet more Internet control down the line.

https://www.reuters.com/world/asia-pacific/australia-pm-plays-down-privacy-fears-social-media-ban-children-2024-11-25/

apparently Apple’s new AI feature, Apple Intelligence, can pull data from your apps, including sensitive banking and location info.

if that's too invasive, you can limit its privileges in settings > apple intelligence & siri and toggle off the options for the apps you don’t want it to access. also, Apple Intelligence is opt-in, so you also have the option to reject using it entirely.

https://nypost.com/2024/11/26/tech/apples-new-ai-could-broach-sensitive-data-experts-warn-take-these-steps-to-protect-your-privacy/?utm_source=chatgpt.com

the Supreme Court is letting a multi-billion dollar court case against Meta to move forward.

the case stems from the Cambridge Analytica privacy scandal, where user data was misused to target voters during the 2016 election. Meta has already paid over $5 billion in fines and settlements but continues to defend against this lawsuit.

https://apnews.com/article/supreme-court-meta-facebook-lawsuit-9173ad92e11df4b2a565418e419dfb88

found this interesting private mobile data carrier: cape

they just launched a privacy-first phone and network that limits location tracking and data collection for high-risk users like activists and journalists.

the founding team is ex-palantir and they raised $62m from a16z 👀

https://www.axios.com/2024/11/21/cape-privacy-cell-network-surveillance

@gigarahul.eth·

Bunnings, Australia’s biggest hardware chain, got busted for using facial recognition to track customers without consent, matching faces to a database of flagged individuals.

Their privacy watchdog ordered them to stop and delete the data, but Bunnings says it was only for safety, not marketing, and plans to appeal.

https://www.reuters.com/business/retail-consumer/australian-hardware-chain-bunnings-breached-privacy-with-facial-recognition-tool-2024-11-19/

@gigarahul.eth·

Apple's upcoming AirTag 2, launching next year, addresses prior misuse concerns with a more tamper-resistant speaker assembly and better detection capabilities. It's been previously reported that modified AirTags were sold on Ebay with the speakers removed, making the devices unable to alert people if Apple detected that they were being tracked inconspicuously.

https://www.digitaltrends.com/mobile/apple-airtag-2-report-privacy-range-speaker-design-upgrades-report/

@comm.eth #createathread

heartbreaking - more offensive texts are being sent to racial minorities and LGBTQ+ people from anonymous phone numbers.

some were sent via TextNow, a service compatible with untraceable, “burner” phone numbers

https://www.nbcnews.com/news/us-news/offensive-racist-texts-now-sent-high-schoolers-latinos-lgbtq-community-rcna180415

found this interesting article on what Trump's presidency could spell for privacy and AI governance: https://iapp.org/news/a/a-view-from-dc-what-does-a-second-trump-presidency-mean-for-privacy-ai-governance-

the main predictions:
- increased public-private collaboration on AI development and rollback of AI regulations (e.g. 'anti-bias' laws)
- reduced consumer data protections and expanded corporate surveillance abilities
- an emphasis on data localization for matters of national security

@comm.eth #createathread

Meta was recently fined 21.6 billion won ($15m) by the South Korean government for illegally collecting sensitive information from FB users, such as their political views and sexual orientation, and sharing it with ~4,000 advertisers.

https://www.usnews.com/news/business/articles/2024-11-05/south-korea-fines-meta-15-million-for-illegally-collecting-information-on-facebook-users

Chelsea Manning says VPNs and Tor are probably not enough to evade government censorship and monitoring anymore. rising data collection by VPN companies and more countries blocking VPNs make using them ineffective.

she suggests mixnets - kind of like a digital launderer for data packets - as an alternative: https://www.pcmag.com/news/chelsea-manning-vpns-and-tor-arent-enough-for-digital-privacy

Armenia is passing a bill mandating private entities in Yerevan to setup 24/7 live surveillance...

the police are entitled to the feeds + 15 days of recordings on-demand, and officials have indicated they intend to use AI to monitor and analyze the recordings

https://www.hrw.org/news/2024/10/31/armenia-surveillance-bill-threatens-rights

a class-action lawsuit was filed against Paramount for illegally sharing Paramount+ subscribers' data with third-party apps like TikTok and Facebook without users' consent: https://www.thewrap.com/paramount-plus-sued-subscriber-privacy-data-facebook-titkok/

the data was allegedly shared deliberately and in a manner seemingly "invisible" to users.

the Colorado Department of State reported that partial passwords for parts of the state’s voting systems were accidentally included in a spreadsheet on its website. https://www.nytimes.com/2024/10/29/us/politics/colorado-election-passwords-breach.html

the department assured that this incident poses no threat to the upcoming Nov 5 election or the ballot counting process.

the vice chair of the Colorado Republican Party is claiming that over 600 unencrypted passwords for voting systems in 63 of the state’s 64 counties were shared on the site and had been accessible from August 8 to October 23, but these claims could not be independently verified.

the EU fined LinkedIn €310 million for violating GDPR rules, finding they unlawfully collected personal data to target ads and breached GDPR's “lawfulness, fairness, and transparency” required for such data processing.

https://www.reuters.com/technology/eu-privacy-regulator-fines-linkedin-310-mln-euro-2024-10-24/

chrome is phasing out uBlock Origin as it transitions to a new extension system.

there is a compatible version of uBlock Origin but it needs to be newly downloaded and is less effective at blocking ads...

https://www.wired.com/story/google-chrome-ublock-origin-extension/

looks like the ICE's $2m contract with spyware vendor Paragon is under compliance review!

under Biden's March 2023 executive order, the government can only use commercial spyware if they ensure it aligns with human rights protections, meaning Paragon may lose the contract (a first-time occurence in US history)!

https://www.wired.com/story/ice-paragon-contract-white-house-review/

the EU might soon force all chat apps (even E2EE ones) to use AI to scan users' messages for illegal content, potentially making these apps pointless in the EU for those prioritizing secure communication.

https://techcrunch.com/2024/10/12/chat-control-the-eus-controversial-csam-scanning-legal-proposal-explained/

twitter will soon allow third parties to use your posts to train ai...

more reason to exit the bird app 🙃

https://techcrunch.com/2024/10/17/elon-musks-x-is-changing-its-privacy-policy-to-allow-third-parties-to-train-ai-on-your-posts/