WebProNews

Tag: Privacy

  • Clearview AI Dealt Blow in Canada, Called Illegal

    Clearview AI Dealt Blow in Canada, Called Illegal

    Clearview AI has been dealt its biggest blow yet, with Canada calling the app illegal and demanding it delete photos of Canadian citizens.

    Clearview AI made headlines last year when the depth of its activities were uncovered. The company scraped photos from countless websites, including the top social media platforms, and amassed a database of billions of photos. Clearview then sold access to that database to law enforcement officials all over the country.

    Despite its claims, however, Clearview wasn’t the responsible purveyor of information it claimed to be. Instead, it gave investors, clients and friends access to the company’s database for their own personal uses, including entertainment. The company also began expanding internationally, working on deals with authoritarian regimes.

    Despite multiple investigations in the US, it appears Canada has taken the strongest stance yet, declaring the software illegal.

    “Clearview sells a facial recognition tool that allows law enforcement and commercial organizations to match photographs of unknown people against a massive databank of 3 billion images, scraped from the Internet,” said Daniel Therrien, Privacy Commissioner of Canada. “The vast majority of these people have never been, and will never be, implicated in any crime.

    “What Clearview does is mass surveillance and it is illegal. It is an affront to individuals’ privacy rights and inflicts broad-based harm on all members of society, who find themselves continually in a police lineup. This is completely unacceptable.”

    Clearview tried to make the claim that it did not need permission to collect the photos it uses, since they’re already posted on social media. The Canadian government disagreed, since Clearview’s purpose for collecting the photos differed from the reason people uploaded them.

    As a result, the investigation came to the following conclusion:

    We recommended that Clearview: (i) cease offering its facial recognition tool to clients in Canada; (ii) cease the collection, use and disclosure of images and biometric facial arrays collected from individuals in Canada; and (iii) delete images and biometric facial arrays collected from individuals in Canada in its possession.

    While the government doesn’t yet have the authority to enforce the investigation’s recommendations, Therrien is hopeful Parliament will take them under advisement when it considers upcoming privacy legislation.

    “The company essentially claims that individuals who placed or permitted their images to be placed on the Internet lacked a reasonable expectation of privacy in such images, that the information was publicly available, and that the company’s appropriate business interests and freedom of expression should prevail,” Therrien added.

    “My colleagues and I think these arguments must be rejected. As federal Commissioner, I hope that Parliament considers this case as it reviews Bill C-11, the proposed new private-sector privacy legislation. I hope Parliamentarians will send a clear message that where, as here, there is a conflict between commercial objectives and privacy protection, Canadians’ privacy rights should prevail.”

  • Google Hasn’t Updated iOS Apps Possibly to Avoid Privacy Labels

    Google Hasn’t Updated iOS Apps Possibly to Avoid Privacy Labels

    It’s been a month and a half since Apple introduced privacy labels, and Google has yet to updates many of its iOS apps to support the feature.

    Apple introduced App Privacy Details in iOS and iPadOS 14.3 as a way to inform users of what data apps collect and keep about them. The feature is built around the novel concept that users should know what data companies collect and have a say in it.

    Some companies, such as Facebook have already faced quite a bit of flack when they updated their apps and revealed the extent of the data they collected. It’s been speculated that Google may be trying to avoid that by simply not updating.

    Google issued a blog post on January 12 outlining its support for iOS App Privacy Details, and said it would be updating its apps to support them. A quick look at the App Store at time of writing, however, only show two apps that have been updated to include the information, namely Google Translate and Google Classroom.

    Google’s Privacy Label
    Google’s Privacy Label

    It remains to be seen when Google will update its more popular apps but, the longer the company takes, the more speculation will build that Google doesn’t want to disclose its data collection.

  • Facebook Suing Chrome Extension Makers For Spying On Users

    Facebook Suing Chrome Extension Makers For Spying On Users

    Facebook is suing the makers of four Chrome extensions, claiming the extensions are used to spy on users.

    Facebook, Inc. and Facebook Ireland filed a lawsuit againts two people behind the Portuguese business “Oink and Stuff.” Facebook alleges that the individuals have created four Chrome extensions that scrape information from a user’s Facebook profile, as well as from the information stored in their browser unrelated to Facebook. To make matters worse, the extensions’ privacy policy specifically claims the software doesn’t collect any personal information.

    The extensions in question are Web for Instagram plus DM, Blue Messenger, Emoji keyboard and Green Messenger. Jessica Romero, Director of Platform Enforcement and Litigation, described the information being scraped:

    When people installed these extensions on their browsers, they were installing concealed code designed to scrape their information from the Facebook website, but also information from the users’ browsers unrelated to Facebook — all without their knowledge. If the user visited the Facebook website, the browser extensions were programmed to scrape their name, user ID, gender, relationship status, age group and other information related to their account. The defendants did not compromise Facebook’s security systems. Instead, they used the extensions on the users’ devices to collect information.

    Facebook does not appear to be seeking any monetary damages, but is instead looking for an injunction that will force the defendants to delete all the Facebook data they have collected.

    For a company that has a reputation for being on the wrong side of privacy issues, it’s a nice change to see Facebook on the right side of this one. On the flip side, it should be a major concern to users that Google’s own Chrome Web Store is insecure enough that Facebook felt it necessary to sue a Chrome extension maker to resolve the issue.

  • DuckDuckGo Hits 100 Million Daily Searches

    DuckDuckGo Hits 100 Million Daily Searches

    Privacy-oriented search engine DuckDuckGo has crossed a major threshold, passing 100 million daily searches.

    DuckDuckGo has built its reputation on protecting user privacy and not tracking their browsing habits. While the search engine is much smaller that Google, it has been gaining users as consumers have begun to value their privacy more.

    The search engine has now reached a major milestone, passing 100 million daily searches on Monday, January 11. Since then, usage has been hovering just below that mark, ranging from 97 to 99 million.

    While DuckDuckGo has a long way to go before it’s a threat to Google, its increasing popularity should be a warning sign to Google about the value of protecting user privacy.

  • Illinois Facebook Users Will Receive $350 From Settlement

    Illinois Facebook Users Will Receive $350 From Settlement

    Illinois Facebook users will be receiving roughly $350 from the landmark privacy case against the social media giant.

    In January 2020, Facebook tentatively agreed to a $550 million settlement in an Illinois class-action lawsuit over the state’s biometric privacy law, with the final amount reaching $650 million. The Illinois Biometric Information Privacy Act prohibits private companies from collecting or using biometric data — such as facial recognition, voiceprint or fingerprint data — without written notification and written consent.

    In the first true test of the law, the Illinois class-action suit against Facebook took the company to task for violating that law. Facebook uses biometric data in a number of ways, including using facial recognition for photo tagging recommendations.

    According to the Chicago Tribune, some 1.6 million Illinois Facebook users will be receiving payments to the tune of $350 each. The payments were originally estimated to be closer to $400, but an additional 200,000 claims lowered the amount.

    Either way, the settlement should serve as a warning to companies to do a better job of respecting their users’ privacy.

  • Swedish Court Strikes Dashes Huawei’s Hopes, Upholds Ban

    Swedish Court Strikes Dashes Huawei’s Hopes, Upholds Ban

    A Swedish court has dismissed Huawei’s appeal of a ban preventing it from participating in the country’s 5G network.

    Huawei has been under pressure around the globe, as a result of its perceived ties to the Chinese government and intelligence community. The US, in particular, has been vocal in accusing the company of being a security risk. A number of countries have banned Huawei from participation in their 5G networks, including Sweden.

    Huawei appealed the ban, but a Swedish court has struck down the appeal, according to U.S. News & World Report, despite Huawei reportedly being willing to meet any demand the Swedish government might have.

    “A ruling by the Administrative Court of Appeal in a case relating to the law on electronic communication is final and therefore cannot be appealed,” the Supreme Administrative Court said. “The appeal should thus be dismissed.”

    This is just the latest in a string of defeats for the Chinese company that has seen it cut off from its primary chipmakers and forced to sell its smartphone business.

  • WhatsApp Delays Privacy Changes Amid Backlash

    WhatsApp Delays Privacy Changes Amid Backlash

    Facebook’s WhatsApp has announced it will delay its privacy policy changes, amid one of the biggest waves of backlash the company has faced.

    WhatsApp starting pushing a notification last week, informing users of changes to its privacy policy. Among the changes was data-sharing between WhatsApp and other Facebook owned companies. Users were not given the option to opt out, being given until February 8 to either accept the new terms or stop using the app.

    The reaction was swift and severe. People began closing their WhatsApp accounts and moving to competitors, especially Signal and Telegram. Soon after, Telegram announced it passed 500 million users, while Signal saw a 62-fold increase in downloads over the last week. Meanwhile, WhatsApp downloads experienced a 17% decline during the same period, according to U.S. News & World Report.

    The backlash appears to have gotten WhatApp’s attention, even if it’s not fundamentally changing the company’s plans. In a blog post entitled “Giving More Time For Our Recent Update,” the company says this:

    We’re now moving back the date on which people will be asked to review and accept the terms. No one will have their account suspended or deleted on February 8. We’re also going to do a lot more to clear up the misinformation around how privacy and security works on WhatsApp. We’ll then go to people gradually to review the policy at their own pace before new business options are available on May 15.

    In other words, WhatsApp is essentially saying: ‘We’ve heard you. Trust us, it’s not what you think, and we’re going to give you more time to get accustomed to us doing what we’re going to do regardless of whether you like it or not.”

    The problem with that approach? Trusting what Facebook says about privacy is like trusting the fox to guard the henhouse. The company has used up most people’s trust and goodwill after repeated and blatant privacy violations.

  • Signal Growing So Fast It Experienced Technical Issues

    Signal Growing So Fast It Experienced Technical Issues

    Signal has been adding so many new users that it experienced technical issues today.

    Signal is a messaging app that is widely considered one of the most secure communication platforms in existence. While the app has been popular among privacy-conscious users for some time, it has received a major boost since WhatsApp announced it would start sharing user data with other Facebook-owned companies.

    In fact, according to U.S. News & World Report, “Signal was downloaded by 17.8 million users over the past seven days, a 62-fold rise from the prior week, according to data from Sensor Tower. WhatsApp was downloaded by 10.6 million users during the same period, a 17% decline.”

    That growth hasn’t come without issues, however. For much of the day today, Signal has been experiencing technical difficulties, which the company has said is a reflection of its growth.

    The company later tweeted that it is making progress toward a resolution.

    Signal’s growth is good news for privacy advocates, and signals (pun intended) a bright future for the messaging app.

  • Google Closes Fitbit Deal

    Google Closes Fitbit Deal

    Google has closed its Fitbit deal, despite investigations and concerns over potential privacy and antitrust implications.

    Google announced in November 2019 that it had entered an agreement to acquire Fitbit. Immediately, the company worked to assuage potential privacy concerns over the data Fitbit has access to. The acquisition was largely seen in the context of Google’s desire to use Fitbit to better compete with the Apple Watch.

    Despite Google’s assurances, the Department of Justice and EU regulators investigated the potential acquisition, leading Google to make additional concessions to ensure the deal went forward. It appears the concessions Google made paid off, as the two companies have now closed their deal.

    James Park, Fitbit’s CEO, president, and co-founder, relayed the news in a blog post:

    I’m writing today to let you know that Fitbit is now officially part of Google. It’s an incredibly exciting moment for us as a company and for our Fitbit community of users around the globe.

    Park also tried to reassure users their privacy and data would be respected:

    The trust of our users will continue to be paramount, and we will maintain strong data privacy and security protections, giving you control of your data and staying transparent about what we collect and why. Google will continue to protect Fitbit users’ privacy and has made a series of binding commitments with global regulators, confirming that Fitbit users’ health and wellness data won’t be used for Google ads and this data will be kept separate from other Google ad data. Google also affirmed it will continue to allow Fitbit users to choose to connect to third party services. That means you’ll still be able to connect your favorite health and wellness apps to your Fitbit account. These and other commitments by Google reinforce why Google is an ideal partner for Fitbit who will continue to put our users first and help further our mission to make everyone in the world healthier.

  • TikTok Improves Privacy Protections For Children

    TikTok Improves Privacy Protections For Children

    TikTok has announced a number of changes aimed at improving privacy protections for children on its platform.

    TikTok has come under widespread criticism for privacy and security violations. Not the least of those has been repeated violations of child privacy. The company’s ongoing security and privacy issues have prompted numerous companies and government agencies to restrict the app from company devices, as well as been a major factor in the US government attempting to ban the app.

    While TikTok’s future remains in question, the company has finally taken definitive steps to protect children using its platform.

    “Starting today, we’re changing the default privacy setting for all registered accounts ages 13-15 to private. With a private TikTok account, only someone who the user approves as a follower can view their videos. We want our younger users to be able to make informed choices about what and with whom they choose to share, which includes whether they want to open their account to public views. By engaging them early in their privacy journey, we can enable them to make more deliberate decisions about their online privacy.”

    The company has included additional changes, such as restricting comments on videos created by younger users, modifying Duet and Stitch settings for these groups, restricting friend suggestions and more. In addition, the company also offers a TikTok for Younger Users, specifically for users in the US under 13 years of age.

    TikTok’s announcement is a welcome improvement. It remains to be seen if it will do anything to help the company’s fight against its ban order.

  • Equifax Acquiring Fraud Prevention Company Kount

    Equifax Acquiring Fraud Prevention Company Kount

    Equifax has announced it is acquiring Kount, one of the leading fraud prevention companies.

    Equifax made headlines in 2017 when it suffered one of the worst cyberattacks in history. The hack was a dark spot on a company whose entire existence revolves around consumer data and credit. To make matters worse, the company’s response was widely panned by critics, demonstrating a continued lack of good security measures. The company’s latest acquisition shows how serious it is about improving its security and offering the best options to its customers.

    Kount provides AI-driven fraud protection, helping businesses engage with customers while establishing online digital trust. Identity trust allows companies to establish a trust level for each and every transaction and account action, allowing businesses to determine the level of risk they are willing to take.

    The company’s portfolio will be an important addition to Equifax’s efforts to keep its customers safe.

    “As digital migration accelerates, managing authentication and online fraud while optimizing the consumer’s experience has become one of our customers’ top challenges. The acquisition of Kount will expand Equifax’s differentiated data assets to bring global businesses the information and solutions they need to establish identity trust online,” said Mark W. Begor, CEO of Equifax. “Equifax is taking advantage of our strong 2020 outperformance and cash generation to make this strategic acquisition. Our data and technology cloud investments allow us to quickly and aggressively integrate new data and analytics assets like Kount into our global capabilities and bring new market leading products and solutions to our customers.”

    “More than 9,000 brands worldwide rely on the Kount Identity Trust Global Network to protect against digital fraud while enabling personalized customer experiences and new e-commerce channels,” said Bradley Wiskirchen, CEO of Kount. “We are excited to be able to offer Kount solutions with an expansive set of Equifax data, analytics and products. Equifax’s global reach will accelerate Kount’s international adoption, allowing us to help more businesses around the world to better protect their digital innovations and their customers against emerging threats while improving the customer experience.”

    The deal is worth $640 million and is expected to close in the first quarter of 2021.

  • Intel Introduces RealSense ID Facial Recognition

    Intel Introduces RealSense ID Facial Recognition

    Intel has introduced RealSense ID Facial Authentication in an effort to deliver private, secure facial recognition.

    Traditional authentication methods leave much to be desired, especially with rise of ransomware attacks, software supply chain attacks, identity theft and additional threats. Intel’s hope is that RealSense ID will provide a more secure alternative, paving the way to use facial recognition to unlock access controls, smart locks, ATMs, kiosks, POS systems and more.

    Intel touts the ease with which RealSense can be deployed and used.

    With an easy enrollment process and no network setup needed, Intel RealSense ID brings a highly accurate, natural solution that simplifies secure entry. Using only a glance, users are able to quickly unlock what’s important to them. Intel RealSense ID combines active depth with a specialized neural network, a dedicated system-on-chip and embedded secure element to encrypt and process user data quickly and safely.

    Facial recognition has become one of the most controversial technologies in existence. It appears Intel is trying to bring some credibility and security to the technology, emphasizing the potential good it can offer.

  • Required WhatsApp Change Shares Significant User Data With Facebook

    Required WhatsApp Change Shares Significant User Data With Facebook

     

    WhatsApp Privacy Policy
    WhatsApp Privacy Policy

    WhatsApp is making major changes to its privacy policy, including sharing significant user data with Facebook.

    WhatsApp users are seeing an in-app notification of changes to the privacy policy. When going to WhatsApps new terms, it’s clear the messaging platform will begin integrating more tightly with Facebook’s other companies and services, including sharing data between them.

    As part of the Facebook Companies, WhatsApp receives information from, and shares information (see here) with, the other Facebook Companies. We may use the information we receive from them, and they may use the information we share with them, to help operate, provide, improve, understand, customize, support, and market our Services and their offerings, including the Facebook Company Products.

    The information shared with Facebook is substantial, including:

    Your account registration information (such as your phone number), transaction data, service-related information, information on how you interact with others (including businesses) when using our Services, mobile device information, your IP address, and may include other information identified in the Privacy Policy section entitled ‘Information We Collect’ or obtained upon notice to you or based on your consent.

    The new policies will take effect on February 8. The changes are mandatory and individuals will not be able to use WhatsApp unless they accept the terms.

    This is the latest reason why users who value their privacy should switch to Signal for their secure, cross-platform messaging needs.

  • TikTok Sending Job Applicant Personal Data to China

    TikTok Sending Job Applicant Personal Data to China

    TikTok has experienced another embarrassing privacy issue, with the revelation it is sending the personal data of job applicants to China.

    TikTok was on the receiving end of ire from the US over its privacy practices and the perception it represents a threat to national security. The company even faced a lawsuit by an individual claiming the platform was sending photos and videos to Chinese servers without her permission, even without her signing up for an account.


    The company has gone to great lengths to distance itself from those accusations, and tried to prove its independence from its owner, Chinese company ByteDance.

    According to Business Insider, however, the company was routing personal information from job applications through servers in China. What’s worse, the data was “potentially highly sensitive, with the firm’s own policies stating that it collects medical data; sex and race data; marital status; geolocation data, among many other categories.” Adding to the issue, TikTok did not inform applicant’s their data would be routed through China.

    After Business Insider approached TikTok, the company said it will end the practice. Nonetheless, this is an embarrassing lapse for company that seems to go from one embarrassing privacy and security incident to another.

  • FTC Demands Answers From Big Tech on Privacy

    FTC Demands Answers From Big Tech on Privacy

    The Federal Trade Commission (FTC) has issued orders to nine social media and video platforms, inquiring about their data practices.

    Big Tech is under more scrutiny than ever before, and privacy is a big focal point. Data breaches and mishandling of consumer data in recent years has resulted in individuals and officials being more privacy-conscious. As a result, there have been some instances of groundbreaking legislations, such as the EU’s GDPR and California’s CCPA/CPRA.

    It appears the FTC is increasing its own scrutiny of companies’ data practices, with an order to “Amazon.com, Inc., ByteDance Ltd., which operates the short video service TikTok, Discord Inc., Facebook, Inc., Reddit, Inc., Snap Inc., Twitter, Inc., WhatsApp Inc., and YouTube LLC.”

    The FTC is specifically looking to understand how these platforms “collect, use, track, estimate, or derive personal and demographic information.” In addition, the FTC wants to know how these platforms determine which ads and content are shown to users, how they handle user engagement and how children and teens are impacted.

    Some companies, such as Apple, Microsoft and Mozilla, have taken strong stands on privacy. The platforms covered by the FTC’s order, however, have based much of their business on collecting user information. In many cases, there has been a lack of transparency about what data is collected and how it is used.

    Hopefully the FTC’s inquiry is the first step toward stronger data protections for consumers.

  • Cloudflare, Apple and Fastly Create Improved, Private DNS

    Cloudflare, Apple and Fastly Create Improved, Private DNS

    Engineers from Cloudflare, Apple and Fastly have worked together to create an improved DNS protocol that protects user privacy.

    DNS is the backbone of the internet, responsible for mapping domain names (such as WebProNews.com) to the IP addresses where the site and its content resides. Unfortunately, because the internet was conceived and designed at a time when security was not a big concern, DNS queries are sent in clear text. This means it is relatively easy to intercept DNS traffic and see what site a person is trying to reach, as well as the IP address of the device they’re using.

    There have been attempts to address this security issue, including DNS over HTTPS (DoH) and DNS over TLS (DoT). Both of these upgrades, however, rely on an ISP, or similar company, responsible for resolving the DNS queries. As a result, there is still a potential trust issue, as the DNS resolving entity can still see the DNS queries.

    This is where Cloudflare, Apple and Fastly’s work comes into play. The three companies have announced the creation a new protocol: Oblivious DNS over HTTPS (ODoH). This new protocol is designed to separate the client from the DNS resolver, providing total privacy and anonymity.

    “ODoH is a revolutionary new concept designed to keep users’ privacy at the center of everything,” says Michael Glynn, Vice President, Digital Automated Innovation, PCCW Global. “Our ODoH partnership with Cloudflare positions us well in the privacy and ‘Infrastructure of the Internet’ space. As well as the enhanced security and performance of the underlying PCCW Global network, which can be accessed on-demand via Console Connect, the performance of the proxies on our network are now improved by Cloudflare’s 1.1.1.1 resolvers. This model for the first time completely decouples client proxy from the resolvers. This partnership strengthens our existing focus on privacy as the world moves to a more remote model and privacy becomes an even more critical feature.”

    ODoH is an important step forward in privacy and security, and will hopefully see fast and widespread adoption.

  • Google and Barry Diller’s IAC At Odds Over Chrome Extensions

    Google and Barry Diller’s IAC At Odds Over Chrome Extensions

    Google and IAC are at odds over what Google calls misleading marketing practices, putting a lucrative deal at stake.

    IAC/InterActive Corp. offers a number of extensions for Google’s popular Chrome web browser. IAC markets the extensions as useful tools to make users’ lives easier. These can include manuals for various tools, saving users from searching for them. Other extensions provide easy access to government forms, or daily Bible quotes.

    According to the Wall Street Journal, however, some of IAC’s extensions do not perform as advertised. Even worse, the Chrome safety and trust team found that some extensions steer users toward more ads. According to documents the WSJ gained access to, the behavior was egregious enough the Chrome team recommended “immediate removal and deactivation” of the company’s extensions from the Chrome store.

    IAC’s chairman, Barry Diller, has said doing so would be devastating to IAC’s business. That hasn’t stopped Google from removing a number of the extensions, although the company told Reuters it is still working with IAC and reviewing their remaining extensions.

    Part of Google’s concern as it moves forward is the need to juggle appearances with the security of its users. The company is already under extensive scrutiny over antitrust and anticompetitive concerns. As a result, any action Google takes need to be above reproach and not add to the scrutiny it’s already under.

  • Apple to Start Requiring Privacy Labels on App December 8

    Apple to Start Requiring Privacy Labels on App December 8

    Apple is moving forward with its requirement that app developers include a privacy label with new app submissions, beginning December 8.

    Apple has established itself as the smartphone platform of choice for privacy conscious consumers. Many of its recent moves have angered Facebook and the advertising industry, specifically because they focus on protecting user privacy instead of making it easy for advertisers to track users.

    The latest move is to require developers to include a privacy label, much like packaged food’s nutrition label, clearly outlining what impact the app will have on a user’s privacy.

    On each app’s product page, users can learn about some of the data types the app may collect, and whether that data is linked to them or used to track them. You’ll need to provide information about your app’s privacy practices, including the practices of third-party partners whose code you integrate into your app, in App Store Connect. This information will be required to submit new apps and app updates to the App Store starting December 8, 2020.

    This is good news for privacy conscious users and will help them make informed decisions about what apps they choose to install.

  • Brave Web Browser Passes 20 Million Monthly Users, 7 Million Daily

    Brave Web Browser Passes 20 Million Monthly Users, 7 Million Daily

    Brave web browser is making inroads in the market, announcing it now has 20 million monthly active users and 7 million daily active users.

    Brave is distinguishing itself as a browser that focuses on privacy and security. By default, the browser is considered to be more secure than Firefox. At the same time, thanks to its Chromium engine—the same engine that powers Google Chrome and Microsoft Edge— Brave generally offers top-tier performance, often beating rivals.

    When it comes to monetization, Brave uses a somewhat unique method. The browser aggressively blocks ads, but gives users the option of seeing ads from Brave’s own network that, again, emphasizes privacy. This model seems to be a hit for all parties, as Brave boasts a click-through rate of 9%, well above the industry average of 2%.

    In addition, Brave allows individuals to become verified content creators. Other users can then use Brave’s own cryptocurrency, Basic Attention Tokens, to tip their favorite content creators.

    Brave’s features and performance seem to be gaining traction. The browser’s current 20 million monthly active users is up from 8.7 million a year ago. Similarly, the 7 million daily active users is up from 3 million a year ago. Since Apple began allowing users to set their default iOS browser in iOS 14, Brave’s daily active iOS users has grown 34%.

    At a time when Mozilla is still struggling to break free from its dependance on Google subsidies, and other major browsers are bundled with operating systems, it’s good to see an independent browser succeeding with an innovative approach to monetization and sustainability.

  • California Voters Pass Version 2.0 of the CCPA Privacy Legislation

    California Voters Pass Version 2.0 of the CCPA Privacy Legislation

    California voters passed Proposition 24, widely considered to be version 2.0 of the California Consumer Privacy Act (CCPA).

    The CCPA was a ground-breaking piece of legislation for the US, the first of its kind to so vigorously protect the privacy of consumers. In many ways, the CCPA was the American equivalent of the EU’s GDPR. Although the law was unique to California, some industry leaders vowed to apply its protections to all customers, even those outside of California.

    Proposition 24, officially known as the California Privacy Rights Act (CPRA), picks up where the CCPA left off, expanding the CCPA, closing loopholes and increasing protections even more.

    One of the biggest changes is the creation of a new agency that will oversee the enforcement of the regulation. Another change is that the CPRA makes companies collecting data responsible for what any companies they share that data with do with it.

    In addition, the CRPA differentiates between personally identifiable information and sensitive personally identifiable information, such as Social Security number, logins, precise location data and biometrics. This gives companies more options to fine-tune their marketing to use non-personal information, rather than lose access all-together.

    The legislation includes many other improvements, including more opt-in requirements, limits on how long companies may retain personal information, limits to how sensitive personal information may be used, reasonable expectations data will be kept secure, legal options if companies fail to do so and more.

    It’s a safe bet these increased measures and a dedicated enforcement agency will likely increase the CRPA’s reach even more than the CCPA’s. Since companies will be responsible for how third-party partners—including non-California partners—use data, many more companies will likely opt to apply CRPA protections to all of their customers in the interest of simplicity.

  • Sweden’s Largest Insurer Leaked Private Data to Tech Firms

    Sweden’s Largest Insurer Leaked Private Data to Tech Firms

    Sweden’s largest insurer, Folksam, has admitted to accidentally leaking the private data of one million of its customers to tech firms.

    According to U.S. News & World Report, Folksam insures every second home in Sweden, giving the company access to vast troves of personal and private data on its customers. Unfortunately, the company accidentally shared that data with Facebook, Google, LinkedIn and Microsoft.

    Unlike the US, the EU has strict data privacy laws in the form of the GDPR. As a result, data breaches such as this one can result in hefty fines and penalties if not handled correctly. Folksam has assured customers that it does not appear any of the data was used improperly by third-parties, and vowed to do better.

    “We take what has happened seriously. We have immediately stopped sharing this personal information and requested that it be deleted,” said Jens Wikstrom, Folksam’s head of marketing.

    This data breach is just the latest example demonstrating the risks that come with the current state of the tech industry, and specifically cross-industry interdependencies that have become commonplace.