Category Archives: Privacy

Daily Mail seeks to delay court allegations of high-profile breaches of privacy

Posted on by

Lawyers for group including Prince Harry, Doreen Lawrence and Elton John filed claims two months ago

The Daily Mail has sought to delay the publication of potentially damaging court allegations about its journalism made by Prince Harry, Doreen Lawrence, Elton John and others.

Lawyers acting for the group of high-profile individuals claim they have “compelling and highly distressing evidence” they have been the “victims of abhorrent criminal activity and gross breaches of privacy” by Associated Newspapers over many years.

The hiring of private investigators to secretly place listening devices inside people’s cars and homes.

The commissioning of individuals to surreptitiously listen in to, and record, people’s live, private telephone calls while they were taking place.

The payment of police officials, with allegedly corrupt links to private investigators, for sensitive inside information.

The impersonation of individuals to obtain medical information from private hospitals, clinics, and treatment centres by deception.

The accessing of bank accounts, credit histories and financial transactions through illicit means and manipulation.

Continue reading...

Google will pay $392m to 40 states in largest ever US privacy settlement

Posted on by

Case is a historic win for consumers after an investigation found the tech company tracked users’ location even after they opted out

Google has agreed to a $391.5m settlement with 40 states to resolve an investigation into how the company tracked users’ locations, state attorneys general announced on Monday.

The states’ investigation was sparked by a 2018 Associated Press story, which found that Google continued to track people’s location data even after they opted out of such tracking by disabling a feature the company called “location history”.

Continue reading...

Government considers making cyber ransom payments illegal after Medibank hack

Posted on by

Minister Clare O’Neil says health insurer was right not to pay ransom, even as hackers threatened to release more customer data to dark web

It could soon be illegal for companies that fall victim to data breaches to pay ransoms to the hackers.

The home affairs minister, Clare O’Neil, confirmed the government was examining whether new laws were needed to stop ransom payments in the wake of the Medibank and Optus data breaches.

Sign up for Guardian Australia’s free morning and afternoon email newsletters for your daily news roundup

Continue reading...

Australia news live: Medibank hacker demands ‘US$1 per customer’ ransom; ‘rotten egg gas’ problem in navy patrol boats

Posted on by

Defence officials say there is an issue with hydrogen sulphide in the vessels’ waste systems. Follow the day’s news live

Coalition’s staff cap has fuelled lack of payment integrity, Shorten says

Bill Shorten goes on to criticise the NDIS staff cap implemented by the Coalition government:

When there were 180,000 participants in the scheme, the staff numbers were around 3,500 to 4,000. And the government of the day said, ‘OK, no more staff.’

Now the scheme has half a million people-plus, and what’s happened is that we’ve brought in contractors or labour hire or partners in the community and the scheme hasn’t been well, in my opinion, supervised and well loved.

I don’t blame someone for seeking to get support for the child. What does make me wonder is the state school systems providing the support for kids with developmental and learning delays? Are they doing enough or not? How can you force their hand to do it so that these people aren’t going on the NDIS?

Originally, when the NDIS was created, it was to be a 50/50 split, at the moment the federal government is paying 64% to 66% of the scheme and states are paying in the mid 30s.

Continue reading...

TikTok’s ties to China: why concerns over your data are here to stay

Posted on by

Harvesting data is the norm for social media apps, but the question that many have is where it goes and who has access to it

In 2021 Android phone users around the world spent 16.2tn minutes on TikTok. And while those millions and millions of users no doubt had an enjoyable time watching clips on the addictive social video app, they also generated a colossal amount of data.

TikTok collects information on how you consume its content, from the device you are using to how long you watch a post for and what categories you like, and uses that information to fine tune the algorithm for the app’s main feed.

Continue reading...

TikTok tells European users its staff in China get access to their data

Posted on by

Privacy policy update confirms data of continent’s users available to range of TikTok bases including in Brazil, Israel and US

TikTok is spelling out to its European users that their data can be accessed by employees outside the continent, including in China, amid political and regulatory concerns about Chinese access to user information on the platform.

The Chinese-owned social video app is updating its privacy policy to confirm that staff in countries, including China, are allowed to access user data to ensure their experience of the platform is “consistent, enjoyable and safe”.

Continue reading...

‘Buying bad’: the black market where access to hacked Australian data can cost just $500

Posted on by

Some sites that mediate the sale of hacked data use Reddit-style upvoting systems to weed out scammers and law enforcement

When personal data is stolen in a breach, such as the recent high-profile attacks on Optus and Medibank, it often begins a journey through a shadowy criminal marketplace which follows surprisingly traditional models of supply and demand.

Passwords, personal information, copies of identity documents and contact details of victims may pass through a web of transactions, mediated in online forums or hidden on the dark web, and denominated in cryptocurrency, before ending up in the hands of those who plan to exploit them.

Sign up for our free morning and afternoon email newsletters from Guardian Australia for your daily news roundup

Continue reading...

Cybercrime in Australia has been on the rise for years, but Optus and Medibank have been wake-up calls

Posted on by

Experts say the recent prominence of data breaches is just companies being more forthcoming and the media more focused on reporting them

It might seem like data breaches are occurring more frequently than ever in the wake of the Optus cyber-attack, but while cybercrime incidents are constantly on the rise, Australia isn’t really a hot new target.

Since Optus first disclosed its massive data breach at the end of September, breaches or attacks have been reported by Medibank, Woolworths’ MyDeal, EnergyAustralia, Vinomofo and Medlab.

Sign up for our free morning and afternoon email newsletters from Guardian Australia for your daily news roundup

Continue reading...

Business racing to use facial recognition technology, raising concerns the law is too slow to catch up

Posted on by

Clubs NSW says the scheme will be used to combat problem gambling, but experts warn of a lack of safeguards and regulation

The rollout of facial recognition technology in all New South Wales pubs and clubs shows how business is forging ahead collecting biometric information before the law has had a chance to catch up, experts warn.

The NSW government this week introduced new laws allowing the use of facial recognition throughout pubs and clubs, despite not yet developing rules to guide the rollout.

Sign up for our free morning newsletter and afternoon email to get your daily news roundup

Continue reading...

Attorney general flags urgent privacy law changes after Optus data breach

Posted on by

Mark Dreyfus indicates potential reforms to laws regarding data breaches including higher penalties, mandatory precautions and customer notifications

Privacy law changes, including tougher penalties for data breaches, could be legislated as early as this year, the attorney general has said in the wake of the Optus breach.

Mark Dreyfus revealed on Thursday that in addition to completing a review of Australia’s privacy laws the Albanese government will look to legislate “even more urgent reforms” late this year or in early 2023.

Continue reading...

Optus cyber-attack: company opposed changes to privacy laws to give customers more rights over their data

Posted on by

In its submission to Privacy Act review telco said giving people right to erase personal data would involve ‘significant’ hurdles and costs

Optus has repeatedly opposed a proposed change to privacy laws that would give customers the right to request their data be destroyed, with the telco arguing there were “significant hurdles” to implementing such a system and it would come at “significant cost”.

On Thursday, the company revealed it had suffered a massive cyber-attack in which the personal information of customers was stolen, including names, dates of birth, phone numbers, email addresses, addresses, and passport and driver’s licence numbers.

Sign up to receive an email with the top stories from Guardian Australia every morning

Continue reading...

First-of-its-kind legislation will keep California’s children safer while online

Posted on by

Bill approved Monday will require companies to install guardrails for those under age 18 and use higher privacy settings

California lawmakers passed first-of-its-kind legislation on Monday designed to improve the online safety and privacy protections for children.

The bill, the California Age-Appropriate Design Code Act, will require firms such as TikTok, Instagram, and YouTube to install guardrails for users under the age of 18, including defaulting to higher privacy settings for minors and refraining from collecting location data for those users.

Continue reading...

FTC sues company for selling data that could be used to track consumers

Posted on by

The lawsuit against data broker Kochava seeks to halt the sale of sensitive geolocation data and delete what was collected

The US Federal Trade Commission (FTC) on Monday sued Idaho-based data broker Kochava for selling geolocation data from hundreds of millions of mobile devices that could be used to track consumers.

The FTC said consumer data could be used to trace people’s movements to and from sensitive locations including “reproductive health clinics, places of worship, homeless and domestic violence shelters, and addiction recovery facilities”.

Continue reading...

Facebook-Cambridge Analytica data breach lawsuit ends in 11th hour settlement

Posted on by

Dramatic move shows Mark Zuckerberg ‘desperate to avoid being questioned over cover-up’, says Observer journalist who exposed scandal

Facebook has dramatically agreed to settle a lawsuit seeking damages for allowing Cambridge Analytica access to the private data of tens of millions of users, four years after the Observer exposed the scandal that mired the tech giant in repeated controversy.

A court filing reveals that Meta, Facebook’s parent company, has in principle settled for an undisclosed sum a long-running lawsuit that claimed Facebook illegally shared user data with the UK analysis firm.

Continue reading...

Facebook agrees to settle Cambridge Analytica data privacy lawsuit

Posted on by

The four-year-old case alleged that the company had violated consumer privacy laws by sharing users’ personal data with third parties

Meta’s Facebook has in-principle agreed to settle a lawsuit in the San Francisco federal court seeking damages for letting third parties, including Cambridge Analytica, access the private data of users, a court filing showed.

The financial terms were not disclosed in the filing on Friday that asked the judge to put the class action suit on hold for 60 days until the lawyers for both plaintiffs and Facebook finalize a written settlement.

Continue reading...

CEO of Israeli Pegasus spyware firm NSO to step down

Posted on by

CEO Shalev Hulio is stepping down as part of NSO reorganisation that will see it focus on sales in Nato member countries

Israel’s NSO Group, which makes the globally controversial Pegasus spyware said on Sunday its CEO Shalev Hulio would step down as part of a reorganisation.

The indebted, privately owned company also said it would focus sales on countries belonging to the Nato alliance.

Continue reading...

UK cybersecurity chiefs back plan to scan phones for child abuse images

Posted on by

Heads of GCHQ and NCSC say client-side scanning could protect children and privacy at the same time

Tech companies should move ahead with controversial technology that scans for child abuse imagery on users’ phones, the technical heads of GCHQ and the UK’s National Cybersecurity Centre have said.

So-called “client-side scanning” would involve service providers such as Facebook or Apple building software that monitors communications for suspicious activity without needing to share the contents of messages with a centralised server.

Continue reading...

Amazon gave Ring doorbell videos to US police 11 times without permission

Posted on by

The company has said it will not share customer information with law enforcement without consent, a warrant or in an emergency

Amazon has provided Ring doorbell footage to law enforcement 11 times this year without the user’s permission, despite previously stating it would do so only with consent.

The disclosure came in a letter from the company that was made public Wednesday by Senator Edward Markey and is bound to raise more privacy and civil liberty concerns about its video-sharing agreements with police departments across the US.

Continue reading...

Privacy watchdog to investigate Bunnings and Kmart over use of facial recognition technology

Posted on by

Information commissioner will look into the personal information handling practices of the retail giants

Australia’s privacy watchdog has launched an investigation into retail giants Bunnings and Kmart over their use of facial recognition technology in some stores.

Consumer group Choice last month revealed Bunnings and Kmart were using the technology – which captures images of people’s faces from video cameras as a unique faceprint that is then stored and can be compared with other faceprints – in what the companies say is a move to protect customers and staff and reduce theft in select stores.

Sign up to receive an email with the top stories from Guardian Australia every morning

Continue reading...

Hacker claims to have obtained data on 1 billion Chinese citizens

Posted on by

Personal information allegedly taken from Shanghai police database would be one of biggest data breaches in history

A hacker has claimed to have stolen the personal information of 1 billion Chinese citizens from a Shanghai police database, in what would amount to one of the biggest data breaches in history if found to be true.

The anonymous hacker, identified only as “ChinaDan”, posted on hacker forum Breach Forums last week offering to sell the more than 23 terabytes (TB) of data for 10 bitcoin, equivalent to about $200,000 (£165,000).

Continue reading...