Reading view

There are new articles available, click to refresh the page.

OpenAI fined €15 million for using personal data to train ChatGPT without consent

Since its launch over two years ago, OpenAI’s ChatGPT has attracted over 100 million users, with 300 million engaging weekly. But as its popularity grows, so do concerns about how personal data is used. Recent findings reveal that OpenAI trained […]

The post OpenAI fined €15 million for using personal data to train ChatGPT without consent first appeared on Tech Startups.

Why Apple sends spyware victims to this nonprofit security lab

Cybersecurity experts, who work with human rights defenders and journalists, agree that Apple is doing the right thing by sending notifications to victims of mercenary spyware — and at the same time refusing to forensically analyze the devices.

© 2024 TechCrunch. All rights reserved. For personal use only.

World(coin) must let Europeans comprehensively delete their data, under privacy order

It took a lot more than the initially slated few weeks to arrive, but a pivotal privacy decision that’s been hanging over Sam Altman’s World (aka Worldcoin) for months has finally landed, via a late December decision from the Bavarian data protection authority enforcing the bloc’s General Data Protection Regulation (GDPR), a comprehensive privacy framework […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Apple and Meta go to war over interoperability vs. privacy

Apple and Meta are warring in Europe over the balance between interoperability and privacy, Reuters reports. The fight focuses on the European Union’s Digital Markets Act (DMA), a competition regulation that requires designated gatekeepers (including Apple and Meta) not to restrict rivals’ access to so-called core platform services. In Apple’s case, this means: iOS, iPadOS, […]

© 2024 TechCrunch. All rights reserved. For personal use only.

EU privacy body weighs in on some tricky GenAI lawfulness questions

The European Data Protection Board (EDPB) published an opinion on Wednesday that explores how AI developers might use personal data to develop and deploy AI models, such as large language models (LLMs), without falling foul of the bloc’s privacy laws. The Board plays a key steering role in the application of these laws, issuing guidance […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Five years later… Netflix hit with Dutch data access fine

Five years later sounds like a half-baked sequel to a well-known zombie flick franchise. But it’s a reference to how long it’s taken a data access complaint against Netflix to deliver a penalty decision in the European Union. The fine that’s — finally — been issued under the bloc’s General Data Protection Regulation (GDPR) is […]

© 2024 TechCrunch. All rights reserved. For personal use only.

DHS Says China, Russia, Iran, and Israel Are Spying on People in US with SS7

DHS Says China, Russia, Iran, and Israel Are Spying on People in US with SS7

The Department of Homeland Security (DHS) believes that China, Russia, Iran, and Israel are the “primary” countries exploiting security holes in telecommunications networks to spy on people inside the United States, which can include tracking their physical movements and intercepting calls and texts, according to information released by Senator Ron Wyden.

The news provides more context around use of SS7, the exploited network and protocol, against phones in the country. In May, 404 Media reported that an official inside DHS’s Cybersecurity Infrastructure and Security Agency (CISA) broke with his department’s official narrative and publicly warned about multiple SS7 attacks on U.S. persons in recent years. Now, the newly disclosed information provides more specifics on where at least some SS7 attacks are originating from.

The information is included in a letter the Department of Defense (DoD) wrote in response to queries from the office of Senator Wyden. The letter says that in September 2017 DHS personnel gave a presentation on SS7 security threats at an event open to U.S. government officials. The letter says that Wyden staff attended the event and saw the presentation. One slide identified the “primary countries reportedly using telecom assets of other nations to exploit U.S. subscribers,” it continues.

Meta fined $263M over 2018 security breach that affected ~3M EU Facebook users

Meta has been fined €251 million (around $263 million) in the European Union for a Facebook security breach that affected millions of users, which the company disclosed back in September 2018. The penalty, issued on Tuesday by Ireland’s Data Protection Commission (DPC) enforcing the bloc’s General Data Protection Regulation (GDPR), is far from being the […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Meta to set up $50M privacy payment scheme to settle Australian proceeding

Meta has agreed to a $50 million payment program to settle a long-running proceeding in Australia related to misuse of information for political ad targeting, the country’s information watchdog OAIC announced Tuesday. The settlement concerns the 2018 Cambridge Analytica scandal, when data on millions of Facebook users was exfiltrated without their knowledge or consent by […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Cellebrite Unlocked This Journalist’s Phone. Cops Then Infected it With Malware

Cellebrite Unlocked This Journalist’s Phone. Cops Then Infected it With Malware

Authorities in Serbia have repeatedly used Cellebrite tools to unlock mobile phones so they could then infect them with potent malware, including the phones of activists and a journalist, according to a new report from human rights organization Amnesty International.

The report is significant because it shows that although Cellebrite devices are typically designed to unlock or extract data from phones that authorities have physical access to, they can also be used to open the door for installing active surveillance technology. In these cases, the devices were infected with malware and then returned to the targets. Amnesty also says it, along with researchers at Google, discovered a vulnerability in a wide spread of Android phones which Cellebrite was exploiting. Qualcomm, the impacted chip manufacturer, has since fixed that vulnerability. And Amnesty says Google has remotely wiped the spyware from other infected devices.

“I am concerned by the way police behave during the incident, especially the way how they took/extracted the data from my mobilephone without using legal procedures. The fact that they extracted 1.6 GB data from my mobilephone, including personal, family and business information as well as information about our associates and people serving as a ‘source of information’ for journalist research, is unacceptable,” Slaviša Milanov, deputy editor and journalist of Serbian outlet FAR and whose phone was targeted in such a way, told 404 Media. Milanov covers, among other things, corruption. 

Controversial EU ad campaign on X broke bloc’s own privacy rules

The European Union’s executive body is facing an embarrassing privacy scandal after it was confirmed on Friday that a Commission ad campaign on X (formerly Twitter) breached the EU’s own data protection rules. The finding by the EU’s oversight body, the European Data Protection Supervisor (EDPS), relates to a micro-targeted ad campaign that the Commission […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Texas AG is investigating Character.AI, other platforms over child safety concerns

Texas attorney general Ken Paxton on Thursday launched an investigation into Character.AI and 14 other technology platforms over child privacy and safety concerns. The investigation will assess whether Character.AI — and other platforms that are popular with young people, including Reddit, Instagram, and Discord — conform to Texas’ child privacy and safety laws. The investigation […]

© 2024 TechCrunch. All rights reserved. For personal use only.

BeReal hit with privacy complaint over how it asks EU users to agree to tracking

Right after BeReal got acquired by French mobile games publisher Voodoo this summer, the candid selfie-sharing app which has been popular with Gen Zers changed how it asks users to consent to tracking. The resulting pop-up is now the target of a privacy complaint in Europe. Confirmed breaches of the bloc’s General Data Protection Regulation […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Bid to revive UK privacy damages suit against Google DeepMind fails to show class

Another attempt to get a class action-style privacy damages case to stick against Google has failed in the U.K. after the Court of Appeal refused to overturn an earlier dismissal. The lawsuit concerned the misuse of health records for some 1.6 million patients whose information was passed to Google’s AI division, DeepMind, back in 2015 […]

© 2024 TechCrunch. All rights reserved. For personal use only.

❌