Tag: Privacy

Health websites routinely share your activity with 57 third-parties

B9 Systems conducted research into the use of cookies by health websites and discovered that all the major players share your private information with, on average, 57 other websites. These include advertising & marketing websites, social media outlets and resellers.

Further research indicated that in a survey of 100 internet users, 89% had used a medical website to help self-diagnose an ailment at some point, yet only 42% understood that the activity they conducted was then shared with other third-party companies. This means 58% of the users surveyed had no idea that their information was being passed onto companies after they had clicked ‘Accept’ on the site’s cookies policy.

Read more about the findings of the new research on Help Net Security.

Web inventor Berners-Lee creates a new privacy first way of dealing with the internet

When Sir Tim Berners-Lee invented the web, he made it easy for everyone to use it and share information. Fast forward 28-years, and your personal information is controlled largely by major companies. Enough already. Berners-Lee wants to put our data back in our hands.

Berners-Lee wants to do this with a new open-source project: Solid. He’s not the first. People are sick of having their personal data locked in the hands of giant corporations. Berners-Lee who “was devastated” by recent privacy abuses, decided enough was enough.

Read more about how the creator of the web wants to save it now, on ZDNet.

Telegram fixes IP address leak in desktop client

Telegram users who specifically utilize the application for its anonymity features are advised to update their desktop clients as soon as possible to patch a bug that will leak their IP address in some scenarios. The bug was found by Dhiraj Mishra, a bug hunter from Mumbai, India, and was patched by Telegram with the releases of Telegram for Desktop v1.4.0 and v1.3.17 beta.

Mishra discovered that the Telegram desktop clients for Windows, Mac, and Linux would reveal users’ IP addresses. The leak happened only during voice calls. This is a dangerous bug, especially for users who utilize Telegram for its privacy and anonymity feature, such as journalists, political dissidents, or human rights fighters.

Read more about the new Telegram patch that addresses the original lack of privacy-enhancing option for voice calls in desktop clients, on ZDNet.

Google’s Forced Sign-in to Chrome Raises Privacy Red Flags

An update to Google Chrome’s sign-in mechanism could clear a path to compromising the privacy of users’ browser data, according to a researcher who stumbled across the change. Matthew Green, a cryptographer, noticed his Gmail profile pic strangely and suddenly appearing in his browser window—generally a sign that a user is logged in.

However, he hadn’t actually affirmatively signed in, which threw up a red flag. This led him to parse through Google’s last Chrome update (Chrome 69), where he discovered that “every time you log into a Google property, Chrome will automatically sign the browser into your Google account for you.”

Read more about the privacy issues caused by Google’s forced sign-in to Chrome mechanism on Threatpost.

 

Implications of the California Consumer Privacy Act of 2018

It’s no secret, consumers are increasingly mindful of who is accessing, collecting, receiving, storing and otherwise processing their personal data. In an effort to standardize data protection requirements across the European Union and improve trust in the rapidly expanding digital economy, the European Parliament and Council introduced the General Data Protection Regulation (GDPR), which went into effect this past spring.

The GDPR is effectively changing the way business is conducted around the world, with massive implications for global ecommerce. And we’re now seeing the push for data protection in the United States with the adoption of the California Consumer Privacy Act of 2018 (CCPA).

Read more about the CCPA and its implications on Help Net Security.

Researchers reveal new online user tracking techniques

Researchers have identified a number of online user tracking techniques that can’t be blocked by browsers’ built-in anti-tracking defenses and existing anti-tracking and ad-blocking extensions.

The good news is that they’ve also scanned the Alexa Top 10,000 most popular sites and found no evidence that these techniques are already being used by user tracking services and advertisers.

Read more about the research paper outlining the newly discovered user tracking techniques on Help Net Security.

Google location tracking continues even when turned off

Turning off Google location tracking may not be as simple as changing one setting to “off,” according to new research.

An AP investigation found that even with Google location tracking turned off, certain apps will take a timestamped snapshot of the user’s location and store that data when the user performs a search, opens Google Maps, or checks the weather.The unexpected Google location tracking behavior on Android and iOS devices has been confirmed by computer science researchers at Princeton University.

Read more about how it is possible for Google to track your movements even when location tracking is turned off, on TechTarget.

Digital trust: Security pros, business execs and consumers see it differently

An extensive global survey of consumers, cybersecurity professionals and business executives about their views on digital trust conducted by analyst firm Frost & Sullivan, highlights how consumers perceive and trust organizations to protect their digital data.

Responses to the survey showed that the Digital Trust Index for 2018 is 61 points out of 100, a score that indicates flagging faith from consumers surveyed in the ability or desire of organizations to fully protect user data.

Read more about the findings of the new survey by Frost & Sullivan on Help Net Security.

California Consumer Privacy Act: What you need to know to be compliant

In late June, 2018, California passed a consumer privacy act, AB 375, that could have more repercussions on U.S. companies than the European Union’s General Data Protection Regulation (GDPR) that went into effect this past spring. The California law doesn’t have some of GDPR’s most onerous requirements, but in certain respects it goes even farther.

The California Consumer Privacy Act takes a broader view than the GDPR of what constitutes private data. The challenge for security, then, is to locate and secure that private data.

Read more about California’s new privacy law, AB 375, and learn how to be compliant on CSO.

Privacy pros gaining control of technology decision-making over IT

TrustArc and IAPP announced the results of new research that examined how privacy technology is bought and deployed to address privacy and data protection challenges.

Surveying privacy professionals worldwide, the findings of the survey show that privacy management technology usage is on the rise across all regions and that privacy teams have significant influence on purchasing decisions for eight of the ten technology categories surveyed.

Read more about the findings of the new survey by TrustArc and IAPP on Help Net Security.