Users of ‘throuples’ dating app Feeld may have had intimate photos accessed

Alternative relationships site says it has resolved concerns about data security that tech firm claims to have uncovered

Users of Feeld, a dating app aimed at alternative relationships, could have had sensitive data including messages, private photos and details of their sexuality accessed or even edited, it has emerged, after cybersecurity experts exposed a string of security “vulnerabilities”.

Feeld, registered in the UK, reported soaring revenues and profits this month, thanks to millions of downloads from non-monogamous, queer and kinky users across the world.

Continue reading...

Sky Betting & Gaming reprimanded for unlawfully sharing users’ personal data

ICO says online gambling company passed customers’ information to advertising technology companies

The online gambling company Sky Betting & Gaming has been reprimanded by the data regulator for unlawfully sharing customers’ information with advertising companies that could then target those users with personalised marketing.

The Information Commissioner’s Office (ICO) said it had investigated Bonne Terre Ltd, trading as Sky Betting & Gaming, after a complaint by the campaign group Clean Up Gambling.

Continue reading...

Meta to push on with plan to use UK Facebook and Instagram posts to train AI

Move to use shared posts follows information commissioner concerns and sets collision course with EU over privacy

Mark Zuckberg’s Meta is to go ahead with controversial plans to use millions of UK Facebook and Instagram posts to train its artificial intelligence (AI) technology, in a practice that is effectively outlawed under EU privacy laws.

Meta said it had “engaged positively” with the Information Commissioner’s Office (ICO) over the plan, after it paused similar proposals in June in the UK and EU. The pause came after the ICO warned tech firms to respect the privacy of users when building generative AI.

Continue reading...

Hackers steal customer data from Europe’s largest parking app operator

Owner of RingGo and ParkMobile says data including parts of credit card numbers taken in cyber-attack

Europe’s largest parking app operator has reported itself to information regulators in the EU and UK after hackers stole customer data.

EasyPark Group, the owner of brands including RingGo and ParkMobile, said customer names, phone numbers, addresses, email addresses and parts of credit card numbers had been taken but said parking data had not been compromised in the cyber-attack.

Continue reading...

Customer data used for unwanted romantic contact, UK poll shows

Almost one in three people aged 18-34 have been messaged by staff after giving personal details to a business

Almost one in three people aged 18-34 have received unwanted romantic contact after giving their personal information to a business, a UK poll has shown.

The Information Commissioner’s Office (ICO) has called for recipients of such texts to come forward to help the regulator gather evidence of the impact of this phenomenon.

The ICO has an online form for people who want to report an experience of unwanted contact.

Continue reading...

NHS data breach: trusts shared patient details with Facebook without consent

Observer investigation reveals Meta Pixel tool passed on private details of web browsing on medical sites

NHS trusts are sharing intimate details about patients’ medical conditions, appointments and treatments with Facebook without consent and despite promising never to do so.

An Observer investigation has uncovered a covert tracking tool in the websites of 20 NHS trusts which has for years collected browsing information and shared it with the tech giant in a major breach of privacy.

Continue reading...

Outsourcer Interserve fined £4.4m for failing to stop cyber-attack

Watchdog says phishing email enabled hackers to steal personal information of 113,000 employees

Britain’s data watchdog has fined the construction group Interserve £4.4m after a cyber-attack that enabled hackers to steal the personal and financial information of up to 113,000 employees.

The attack occurred when Interserve ran an outsourcing business and was designated a “strategic supplier to the government with clients including the Ministry of Defence”. Bank account details, national insurance numbers, ethnic origin, sexual orientation and religion were among the personal information compromised.

Continue reading...

Aaron Banks ‘writes off £7m loan’ as Leave.EU goes into liquidation

Brexit campaign group fronted by Nigel Farage leaves thousands in unpaid fines for data law breaches

The Brexit campaign group Leave.EU has gone into liquidation with its controversial co-founder Arron Banks appearing to write off a loan worth more than £7m.

Documents submitted to Companies House also reveal that the anti-EU lobbying group, which was fronted by Nigel Farage during the 2016 EU referendum campaign, has failed to pay tens of thousands in fines owed to the Information Commissioner’s Office (ICO) for breaches of data law.

Continue reading...

Inquiry into leak of Matt Hancock kiss images leads to no prosecutions

ICO finds insufficient evidence against those suspected of capturing footage of minister with colleague

No one will be prosecuted over the leak of CCTV footage showing Matt Hancock engaged in a clinch with a colleague in his office, the Information Commissioner’s Office (ICO) has announced.

The footage and stills of the embrace, which prompted his resignation as health secretary, were leaked to the Sun in June last year. It was most likely obtained by someone using their phone to record a CCTV screen, the ICO said.

Continue reading...

UK officials still blocking Peter Wright’s ‘embarrassing’ Spycatcher files

A documentary-maker has accused the Cabinet Office of defying the 30-year rule in withholding details of the MI5 exposé

The Cabinet Office has been accused of “delay and deception” over its blocking of the release of files dating back more than three decades that reveal the inside story of the intelligence agent Peter Wright and the Spycatcher affair.

Wright revealed an inside account of how MI5 “bugged and burgled” its way across London in his 1987 autobiography Spycatcher. He died aged 78 in 1995.

Continue reading...

Watchdog steps in over secrecy about UK women in Syria stripped of citizenship

Exclusive: Home Office refusal to disclose how many women are in same position as Shamima Begum prompts action

The Home Office’s refusal to disclose the number of women who, like Shamima Begum, have been deprived of their British citizenship after travelling to join Islamic State is under investigation by the information commissioner.

The watchdog said it would step in after the government refused to share the data with a human rights group concerned about the conditions of British women and children detained in camps in north-east Syria, where conditions are dire.

Continue reading...

Met removes hundreds from gangs matrix after breaking data laws

How list is compiled also to be reviewed amid claims it blights life chances and is discriminatory

Hundreds of young people have been removed from a controversial police list of alleged gang members after claims that it is discriminatory and blighted their life chances, the Guardian has learned.

The Metropolitan police’s gangs matrix, which the force says is a vital tool in tackling violence in London, has been found to be breaking data laws.

Continue reading...

Regulator looking at use of facial recognition at King’s Cross site

Information commissioner says use of the technology must be ‘necessary and proportionate’

The UK’s privacy regulator said it is studying the use of controversial facial recognition technology by property companies amid concerns that its use in CCTV systems at the King’s Cross development in central London may not be legal.

The Information Commissioner’s Office warned businesses using the surveillance technology that they needed to demonstrate its use was “strictly necessary and proportionate” and had a clear basis in law.

Continue reading...

Facebook stored hundreds of millions of passwords unprotected

Company admits to mistake and says it has no evidence of abuse – but the risk was huge

Facebook mistakenly stored “hundreds of millions” of passwords in plaintext, unprotected by any encryption, the company has admitted.

The mistake, which led to user passwords being kept in Facebook’s internal servers in an insecure way, affects “hundreds of millions of Facebook Lite users, tens of millions of other Facebook users, and tens of thousands of Instagram users”, according to the social networking site. Facebook Lite is a version of Facebook created for use in nations where mobile data is unaffordable or unavailable.

Continue reading...

Cambridge Analytica a year on: ‘a lesson in institutional failure’

One year after she broke the scandal, Carole Cadwalladr talks to whistleblower Christopher Wylie about the fallout for big tech, and the fight to hold the culprits to account

It’s a measure of how much has changed in a year that, last month the UK, parliament published an official report that called Facebook “digital gangsters” and said that Britain’s electoral laws no longer worked. It was a report that drew on hours of testimony from Cambridge Analytica directors, Facebook executives and dozens of expert witnesses: 73 in total, of whom MPs had asked 4,350 questions. And its conclusion? That Silicon Valley’s tech platforms were out of control, none more so than Facebook, which it said had treated parliament with “contempt”.

And it’s a measure of how much hasn’t changed that this was a news story for just two hours on a Monday morning before the next Westminster drama – the launch of the Independent Group – knocked it off the headline slots.

Continue reading...