Under the GDPR (General Data Protection Regulation), all personal data breaches must be recorded by the organisation and there should be a clear and defined process for doing so. Additionally, there are circumstances in which…
IMSI-Catchers from Canada
Gizmodo is reporting that Harris Corp. is no longer selling Stingray IMSI-catchers (and, presumably, its follow-on models Hailstorm and Crossbow) to local governments: L3Harris Technologies, formerly known as the Harris Corporation, notified police agencies last…
New Privacy Features in iOS 14
A good rundown.Read more: schneier.com
On Executive Order 12333
Mark Jaycox has written a long article on the US Executive Order 12333: “No Oversight, No Limits, No Worries: A Primer on Presidential Spying and Executive Order 12,333“: Abstract: Executive Order 12,333 (“EO 12333”) is…
Former NSA Director Keith Alexander Joins Amazon’s Board…
This sounds like a bad idea.Read more: schneier.com
Privacy Analysis of Ambient Light Sensors
Interesting privacy analysis of the Ambient Light Sensor API. And a blog post. Especially note the “Lessons Learned” section.Read more: schneier.com
Cory Doctorow on The Age of Surveillance Capitalism
Cory Doctorow has writtten an extended rebuttal of Read more: schneier.com
Identifying People by Their Browsing Histories
Interesting paper: "Replication: Why We Still Can't Browse in Peace: On the Uniqueness and Reidentifiability of Web Browsing Histories": We examine the threat to individuals' privacy based on the feasibility of reidentifying users through distinctive…
Collecting and Selling Mobile Phone Location Data
The Wall Street Journal has an article about a company called Anomaly Six LLC that has an SDK that's used by "more than 500 mobile applications." Through that SDK, the company collects location data from…