Category Archives: Data protection

Instagram owner Meta fined €405m over handling of teens’ data

Posted on by

Penalty follows investigation into Instagram setting that allowed teenagers to set up accounts that displayed contact details

Instagram owner Meta has been fined €405m (£349m) by the Irish data watchdog for letting teenagers set up accounts that publicly displayed their phone numbers and email addresses.

The Data Protection Commission confirmed the penalty after a two-year investigation into potential breaches of the European Union’s general data protection regulation (GDPR).

Continue reading...

FTC sues company for selling data that could be used to track consumers

Posted on by

The lawsuit against data broker Kochava seeks to halt the sale of sensitive geolocation data and delete what was collected

The US Federal Trade Commission (FTC) on Monday sued Idaho-based data broker Kochava for selling geolocation data from hundreds of millions of mobile devices that could be used to track consumers.

The FTC said consumer data could be used to trace people’s movements to and from sensitive locations including “reproductive health clinics, places of worship, homeless and domestic violence shelters, and addiction recovery facilities”.

Continue reading...

Hacker claims to have obtained data on 1 billion Chinese citizens

Posted on by

Personal information allegedly taken from Shanghai police database would be one of biggest data breaches in history

A hacker has claimed to have stolen the personal information of 1 billion Chinese citizens from a Shanghai police database, in what would amount to one of the biggest data breaches in history if found to be true.

The anonymous hacker, identified only as “ChinaDan”, posted on hacker forum Breach Forums last week offering to sell the more than 23 terabytes (TB) of data for 10 bitcoin, equivalent to about $200,000 (£165,000).

Continue reading...

Google will delete location history data for abortion clinic visits

Posted on by

The company said that sensitive places including fertility centers, clinics and addiction treatment facilities will be erased

Alphabet will delete location data showing when users visit an abortion clinic, the online search company said on Friday, after concern that a digital trail could inform law enforcement if an individual terminates a pregnancy illegally.

As state laws limiting abortions set in after the US supreme court decided last month that they are no longer guaranteed by the constitution, the technology industry has fretted police could obtain warrants for customers’ search history, geolocation and other information revealing pregnancy plans.

Continue reading...

Tech firms under pressure to safeguard user data as abortion prosecutions loom

Posted on by

Private information collected and retained by companies could be weaponized to prosecute abortion seekers and providers

After the US supreme court overturned Roe v Wade on Friday, calls increased for tech companies to take a stand about the use of online data to incriminate individuals seeking or providing abortion services.

Abortion and civil rights advocates have warned that there are few federal regulations on what information is collected and retained by tech firms, making it easy for law enforcement officials to access incriminating data on location, internet searches and communication history.

Continue reading...

My Health Record: after 12 years and more than $2bn, hardly anyone is using digital service

Posted on by

Research shows many Australians find medical records not uploaded and clinicians fail to see benefits of using the national online database

Twelve years after the introduction of My Health Record, Australians are struggling to access their medical information, while clinicians report frustrating difficulties uploading and finding vital health details such as pathology results and diagnostic tests.

The latest annual report from the Australian Digital Health Agency shows just 2.69 million of the 23 million people registered for a My Health Record accessed it in 2020-21. While this is an increase of 14% from the previous year, it was largely driven by people accessing Covid-19 vaccination records and Covid-19 test results.

Sign up for the fun stuff with our rundown of must-reads, pop culture and tips for the weekend, every Saturday morning

Sign up to receive an email with the top stories from Guardian Australia every morning

Continue reading...

Met police did not consult us on children’s data project, say youth violence experts

Posted on by

Force claimed it approached groups before launch of Project Alpha which scours social media sites

Youth violence experts have said they had no involvement with a police scheme that collects children’s personal data, despite the Met claiming to have consulted them.

Project Alpha, involving more than 30 staff and launched in 2019 with Home Office funding, scours social media sites looking at drill music videos and other content. It has prompted concerns about racial profiling and potential privacy violations.

Continue reading...

Author of review into aborted GP data sharing in England opted out of scheme

Posted on by

Prof Ben Goldacre cited risks of deanonymisation as his main reason for withdrawing his consent

The author of a government review into medical data sharing personally opted out of the aborted plan to share GP health data, a parliamentary committee has heard.

Prof Ben Goldacre, a former Guardian columnist and the author of the Goldacre Review, exercised his right to opt out of the Government’s General Practice Data for Planning and Research scheme, he told the Commons Science and Technology committee, because he was concerned about the risks of deanonymisation.

Continue reading...

Inquiry into leak of Matt Hancock kiss images leads to no prosecutions

Posted on by

ICO finds insufficient evidence against those suspected of capturing footage of minister with colleague

No one will be prosecuted over the leak of CCTV footage showing Matt Hancock engaged in a clinch with a colleague in his office, the Information Commissioner’s Office (ICO) has announced.

The footage and stills of the embrace, which prompted his resignation as health secretary, were leaked to the Sun in June last year. It was most likely obtained by someone using their phone to record a CCTV screen, the ICO said.

Continue reading...

NHS Scotland Covid app rebuked for breaching data privacy laws

Posted on by

UK watchdog says app was not clear about how data is used and it may consider ‘further regulatory action’

The Scottish government and NHS Scotland have been rebuked for breaching data privacy laws on a Covid vaccine status app downloaded by millions of people.

The Information Commissioner’s Office, which polices the UK’s privacy laws, said it had warned the Scottish government and NHS last year that there were serious privacy problems with the app, but not all those problems were fixed before it was launched.

Continue reading...

FBI confirms it obtained NSO’s Pegasus spyware

Posted on by

Bureau says sophisticated hacking tool was never used in support of any investigation

The FBI has confirmed that it obtained NSO Group’s powerful Pegasus spyware, suggesting that it bought access to the Israeli surveillance tool to “stay abreast of emerging technologies and tradecraft”.

In a statement released to the Guardian, the bureau said it had procured a “limited licence” to access Pegasus for “product testing and evaluation only”, and suggested that its evaluation of the tool partly related to security concerns if the spyware fell into the “wrong hands”.

Continue reading...

NSO offered US mobile security firm ‘bags of cash’, whistleblower claims

Posted on by

Israeli spyware firm denies doing business with Mobileum and co-founder ‘has no recollection of using the phrase’

A whistleblower has alleged that an executive at NSO Group offered a US-based mobile security company “bags of cash” in exchange for access to a global signalling network used to track individuals through their mobile phone, according to a complaint that was made to the US Department of Justice.

The allegation, which dates back to 2017 and was made by a former mobile security executive named Gary Miller, was disclosed to federal authorities and to the US congressman Ted Lieu, who said he conducted his own due diligence on the claim and found it “highly disturbing”.

Continue reading...

A data ‘black hole’: Europol ordered to delete vast store of personal data

Posted on by

EU police body accused of unlawfully holding information and aspiring to become an NSA-style mass surveillance agency

The EU’s police agency, Europol, will be forced to delete much of a vast store of personal data that it has been found to have amassed unlawfully by the bloc’s data protection watchdog. The unprecedented finding from the European Data Protection Supervisor (EDPS) targets what privacy experts are calling a “big data ark” containing billions of points of information. Sensitive data in the ark has been drawn from crime reports, hacked from encrypted phone services and sampled from asylum seekers never involved in any crime.

According to internal documents seen by the Guardian, Europol’s cache contains at least 4 petabytes – equivalent to 3m CD-Roms or a fifth of the entire contents of the US Library of Congress. Data protection advocates say the volume of information held on Europol’s systems amounts to mass surveillance and is a step on its road to becoming a European counterpart to the US National Security Agency (NSA), the organisation whose clandestine online spying was revealed by whistleblower Edward Snowden.

Continue reading...

UK spy chief suggests Beijing risks ‘miscalculation’ over west’s resolve

Posted on by

Island’s status and surveillance technology making China ‘single greatest priority’ for MI6

China is at risk of “miscalculating through over-confidence” over Taiwan, said the MI6 head, Richard Moore, in a statement clearly intended to warn Beijing to back off any attempt to seize control of the island.

Giving a rare speech, Britain’s foreign intelligence chief said in London that China was at risk of “believing its own propaganda” and that the country had become “the single greatest priority” for MI6 for the first time in its history.

Continue reading...

The dawn of tappigraphy: does your smartphone know how you feel before you do?

Posted on by

Tech companies are seeking to analyse data on the way we tap, scroll, text and call to monitor our mental health – with potential consequences for privacy and healthcare

We all fear our smartphones spy on us, and I’m subject to a new type of surveillance. An app called TapCounter records each time I touch my phone’s screen. My swipes and jabs are averaging about 1,000 a day, though I notice that’s falling as I steer shy of social media to meet my deadline. The European company behind it, QuantActions, promises that through capturing and analysing the data it will be able to “detect important indicators related to mental/neurological health”.

Arko Ghosh is the company’s cofounder and a neuroscientist at Leiden University in the Netherlands. “Tappigraphy patterns” – the time series of my touches – can, he says, confidently be used not only to infer slumber habits (tapping in the wee hours means you are not sleeping) but also mental performance level (the small intervals in a series of key-presses represent a proxy for reaction time), and he has published work to support it.

Continue reading...

Intimate data: can a person who tracks their steps, sleep and food ever truly be free?

Posted on by

Big tech now encourages us to monitor everything from our heart rate to our glucose levels via smartphones and watches. How much privacy have we lost to the promise of self improvement - and is it time to stop?


First we counted our steps, then our heartbeats, blood pressure and respiratory rates. We monitored our sleep, workouts, periods and fertility windows. But there is plenty left to measure as we are sold the promise of self-optimisation by the vast and sometimes controversial frontier of health tracking – an increasingly medicalised market that has flourished since pedometers went digital and watches got smart.

The latest health metric available to consumers comes from a medical device originally designed for people with diabetes; it allows users to track their blood sugar levels. But, as always, the big questions are: will it make us healthier, and is it wise to sacrifice ever more intimate data?

Continue reading...

The Taliban are showing us the dangers of personal data falling into the wrong hands

Posted on by

Digital ID systems are a powerful development tool, providing a legal identity to millions, but their misuse can be deadly

The Taliban have openly talked about using US-made digital identity technology to hunt down Afghans who have worked with the international coalition – posing a huge threat to everyone recorded in the system. In addition, the extremists now also have access to – and control over – the digital identification systems and technologies built through international aid support.

These include the e-Tazkira, a biometric identity card used by Afghanistan’s National Statistics and Information Authority, which includes fingerprints, iris scans and a photograph, as well as voter registration databases. It also includes the Afghan personnel and pay system, used by the interior and defence ministries to pay the army and police.

Continue reading...

UK to overhaul privacy rules in post-Brexit departure from GDPR

Posted on by

Culture secretary says move could lead to an end to irritating cookie popups and consent requests online

Britain will attempt to move away from European data protection regulations as it overhauls its privacy rules after Brexit, the government has announced.

The freedom to chart its own course could lead to an end to irritating cookie popups and consent requests online, said the culture secretary, Oliver Dowden, as he called for rules based on “common sense, not box-ticking”.

Continue reading...

Officials who are US allies among targets of NSO malware, says WhatsApp chief

Posted on by

Will Cathcart claims government officials around the world among 1,400 WhatsApp users targeted in 2019

Senior government officials around the world – including individuals in high national security positions who are “allies of the US” – were targeted by governments with NSO Group spyware in a 2019 attack against 1,400 WhatsApp users, according to the messaging app’s chief executive.

Will Cathcart disclosed the new details about individuals who were targeted in the attack after revelations this week by the Pegasus project, a collaboration of 17 media organisations which investigated NSO, the Israeli company that sells its powerful surveillance software to government clients around the world.

Continue reading...

Chinese-owned firm acquires UK’s largest semiconductor manufacturer

Posted on by

Tory MP Tom Tugendhat raises concerns about deal in light of global computer chip shortage

The UK’s largest producer of semiconductors has been acquired by the Chinese-owned manufacturer Nexperia, prompting a senior Tory MP to call for the government to review the sale to a foreign owner during an increasingly severe global shortage of computer chips.

Nexperia, a Dutch firm owned by China’s Wingtech, said on Monday that it had taken full control of Newport Wafer Fab (NWF), the UK’s largest producer of silicon chips, which are vital in products from TVs and mobile phones to cars and games consoles.

Continue reading...