Privacy Roundup 08/12/2024
Here's what you might have missed this week.
π Hey, Laura here! Welcome to this monthβs edition of Privacy Champ. Each week, I share important stories that change your personal privacy, plus other important privacy updates + one actionable, 5-minute privacy protection tip. If you havenβt already, please consider subscribing.
The stories you might have missed this week, with our take on whether theyβre positive (π), negative (π), or questionable (π€).
The good
π The FTC banned data brokers Gravy Analytics and Mobilewalla. They are accused of unlawfully tracking millions near sensitive sites.
π Data broker restriction regulation proposed.
π EU proposal for scanning private communications for child sexual abuse material (CSAM) was rejected (again).
π National Public Data has shut down. The data broker suffered a massive breach, exposing sensitive information of up to 170 million people,
The bad
π Bluesky posts are being widely scraped and included in massive datasets.
π Google's new AI model, PaliGemma 2, introduces emotion recognition capabilities.
π Telegram reverses its previous stance on privacy.
π Air Canada introduces facial recognition technology at Vancouver International Airport.
π FTC report reveals alarming levels of personal data collection by major social media and streaming platforms.
π Microsoft expands user activity recording as part of its Recall feature.
π OpenAI is considering incorporating ads into ChatGPT.
The questionable
π€ The U.S. government urges Americans to use encrypted messaging apps. Why? China-backed hackers have infiltrated major telecom networks.
π€ An Apple employee filed a lawsuit accusing Apple of surveillance. The accusation says Apple requires workers to install software on personal devices or tie them to iCloud.
For once, itβs been a relatively quiet week.
AI chatbot provider WotNot exposed over 300,000 files containing sensitive personal information, including passports, medical records, and CVs, on an unprotected Google Cloud storage bucket for over two months.
The stuff you need to watch out for in your inbox, on social media, and elsewhere on the web.
As always, thereβs been no shortage of phishing attacks.
Netflix users are being targeted by scams disguised as subscription renewal messages.
A new campaign exploits corrupted Word documents to bypass security software by leveraging Microsoft Word's file recovery feature, tricking users into recovering the files and scanning QR codes that lead to phishing sites stealing credentials.
Plus, a new social engineering trend.
βScam-yourself attacks trick victims into unintentionally enabling malicious actions, such as installing malware via fake tutorials, fake CAPTCHA prompts, or bogus updates.
AI is making things worse.
The FBI warns that scammers are leveraging generative AI to create more convincing fraud schemes, including romance scams, investment fraud, and impersonation, using realistic AI-generated text, images, and voice cloning.
And malicious apps steal your data.
McAfee identified 15 predatory "SpyLoan" apps, installed on over 8 million devices via the Google Play Store, which exploit social engineering tactics to steal sensitive data and lead to extortion and financial losses.
Cool new projects, features, and tips that improve your privacy.
Instagram Threads is testing a privacy feature that allows users to hide their replies from their profiles.
Google Chrome is introducing an AI-powered "Store reviews" feature that summarizes website trustworthiness based on reviews from independent platforms, accessible via the page info bubble in the address bar.
The Aloha browser is introducing a Cookie Consent Management feature that allows users to set their cookie preferences in advance (already available on iOS and coming to Android in 2025).
Researchers at Georgia Tech University developed "Chameleon," an AI model that creates a digital privacy mask for photos, preventing unauthorized facial recognition while preserving image quality.
A new website demonstrates how much Googleβs AI can deduce from a single image.
Think twice before you click on a Google (or another search engine) result.
Fake ads are showing up in prominent search engine results. They look like real ads but actually go to fraudulent links that spread malware or steal sensitive data.