Reading view
OpenAI fined €15 million for using personal data to train ChatGPT without consent
Since its launch over two years ago, OpenAI’s ChatGPT has attracted over 100 million users, with 300 million engaging weekly. But as its popularity grows, so do concerns about how personal data is used. Recent findings reveal that OpenAI trained […]
The post OpenAI fined €15 million for using personal data to train ChatGPT without consent first appeared on Tech Startups.
Why Apple sends spyware victims to this nonprofit security lab
Cybersecurity experts, who work with human rights defenders and journalists, agree that Apple is doing the right thing by sending notifications to victims of mercenary spyware — and at the same time refusing to forensically analyze the devices.
© 2024 TechCrunch. All rights reserved. For personal use only.
World(coin) must let Europeans comprehensively delete their data, under privacy order
It took a lot more than the initially slated few weeks to arrive, but a pivotal privacy decision that’s been hanging over Sam Altman’s World (aka Worldcoin) for months has finally landed, via a late December decision from the Bavarian data protection authority enforcing the bloc’s General Data Protection Regulation (GDPR), a comprehensive privacy framework […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Apple and Meta go to war over interoperability vs. privacy
Apple and Meta are warring in Europe over the balance between interoperability and privacy, Reuters reports. The fight focuses on the European Union’s Digital Markets Act (DMA), a competition regulation that requires designated gatekeepers (including Apple and Meta) not to restrict rivals’ access to so-called core platform services. In Apple’s case, this means: iOS, iPadOS, […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Congress Again Fails to Limit Scope of Spy Powers in New Defense Bill
With 25M users, Bluesky gets a $1M fund to take on social media and AI
The fund will offer grants to those building on BlueSky’s open source AT Protocol.
© 2024 TechCrunch. All rights reserved. For personal use only.
EU privacy body weighs in on some tricky GenAI lawfulness questions
The European Data Protection Board (EDPB) published an opinion on Wednesday that explores how AI developers might use personal data to develop and deploy AI models, such as large language models (LLMs), without falling foul of the bloc’s privacy laws. The Board plays a key steering role in the application of these laws, issuing guidance […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Five years later… Netflix hit with Dutch data access fine
Five years later sounds like a half-baked sequel to a well-known zombie flick franchise. But it’s a reference to how long it’s taken a data access complaint against Netflix to deliver a penalty decision in the European Union. The fine that’s — finally — been issued under the bloc’s General Data Protection Regulation (GDPR) is […]
© 2024 TechCrunch. All rights reserved. For personal use only.
DHS Says China, Russia, Iran, and Israel Are Spying on People in US with SS7
The Department of Homeland Security (DHS) believes that China, Russia, Iran, and Israel are the “primary” countries exploiting security holes in telecommunications networks to spy on people inside the United States, which can include tracking their physical movements and intercepting calls and texts, according to information released by Senator Ron Wyden.
The news provides more context around use of SS7, the exploited network and protocol, against phones in the country. In May, 404 Media reported that an official inside DHS’s Cybersecurity Infrastructure and Security Agency (CISA) broke with his department’s official narrative and publicly warned about multiple SS7 attacks on U.S. persons in recent years. Now, the newly disclosed information provides more specifics on where at least some SS7 attacks are originating from.
The information is included in a letter the Department of Defense (DoD) wrote in response to queries from the office of Senator Wyden. The letter says that in September 2017 DHS personnel gave a presentation on SS7 security threats at an event open to U.S. government officials. The letter says that Wyden staff attended the event and saw the presentation. One slide identified the “primary countries reportedly using telecom assets of other nations to exploit U.S. subscribers,” it continues.
Meta fined $263M over 2018 security breach that affected ~3M EU Facebook users
Meta has been fined €251 million (around $263 million) in the European Union for a Facebook security breach that affected millions of users, which the company disclosed back in September 2018. The penalty, issued on Tuesday by Ireland’s Data Protection Commission (DPC) enforcing the bloc’s General Data Protection Regulation (GDPR), is far from being the […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Meta to set up $50M privacy payment scheme to settle Australian proceeding
Meta has agreed to a $50 million payment program to settle a long-running proceeding in Australia related to misuse of information for political ad targeting, the country’s information watchdog OAIC announced Tuesday. The settlement concerns the 2018 Cambridge Analytica scandal, when data on millions of Facebook users was exfiltrated without their knowledge or consent by […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Merry Christmas, Your New Air Fryer Is Spying on You
Regulators in America and Britain are looking to crack down on the nightmarish data harvesting the IOT has brought into our lives.
Cellebrite Unlocked This Journalist’s Phone. Cops Then Infected it With Malware
Authorities in Serbia have repeatedly used Cellebrite tools to unlock mobile phones so they could then infect them with potent malware, including the phones of activists and a journalist, according to a new report from human rights organization Amnesty International.
The report is significant because it shows that although Cellebrite devices are typically designed to unlock or extract data from phones that authorities have physical access to, they can also be used to open the door for installing active surveillance technology. In these cases, the devices were infected with malware and then returned to the targets. Amnesty also says it, along with researchers at Google, discovered a vulnerability in a wide spread of Android phones which Cellebrite was exploiting. Qualcomm, the impacted chip manufacturer, has since fixed that vulnerability. And Amnesty says Google has remotely wiped the spyware from other infected devices.
“I am concerned by the way police behave during the incident, especially the way how they took/extracted the data from my mobilephone without using legal procedures. The fact that they extracted 1.6 GB data from my mobilephone, including personal, family and business information as well as information about our associates and people serving as a ‘source of information’ for journalist research, is unacceptable,” Slaviša Milanov, deputy editor and journalist of Serbian outlet FAR and whose phone was targeted in such a way, told 404 Media. Milanov covers, among other things, corruption.
Microsoft’s AI Recall Tool Is Still Sucking Up Credit Card and Social Security Numbers
Human Misuse Will Make Artificial Intelligence More Dangerous
Controversial EU ad campaign on X broke bloc’s own privacy rules
The European Union’s executive body is facing an embarrassing privacy scandal after it was confirmed on Friday that a Commission ad campaign on X (formerly Twitter) breached the EU’s own data protection rules. The finding by the EU’s oversight body, the European Data Protection Supervisor (EDPS), relates to a micro-targeted ad campaign that the Commission […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Texas AG is investigating Character.AI, other platforms over child safety concerns
Texas attorney general Ken Paxton on Thursday launched an investigation into Character.AI and 14 other technology platforms over child privacy and safety concerns. The investigation will assess whether Character.AI — and other platforms that are popular with young people, including Reddit, Instagram, and Discord — conform to Texas’ child privacy and safety laws. The investigation […]
© 2024 TechCrunch. All rights reserved. For personal use only.
BeReal hit with privacy complaint over how it asks EU users to agree to tracking
Right after BeReal got acquired by French mobile games publisher Voodoo this summer, the candid selfie-sharing app which has been popular with Gen Zers changed how it asks users to consent to tracking. The resulting pop-up is now the target of a privacy complaint in Europe. Confirmed breaches of the bloc’s General Data Protection Regulation […]
© 2024 TechCrunch. All rights reserved. For personal use only.
Bid to revive UK privacy damages suit against Google DeepMind fails to show class
Another attempt to get a class action-style privacy damages case to stick against Google has failed in the U.K. after the Court of Appeal refused to overturn an earlier dismissal. The lawsuit concerned the misuse of health records for some 1.6 million patients whose information was passed to Google’s AI division, DeepMind, back in 2015 […]
© 2024 TechCrunch. All rights reserved. For personal use only.