Is a shift in power over how data privacy is handled overdue?
Should online data collection be opt-in? Can Yahoo ever make a comeback from breaching one million users' data? Do you know how to tell what company has sold your data? Would you infect two friends with ransomware to free yourself? Do you need a digital detox?
A carefully curated summary of the top data-news from the week:
Citizens need to be empowered to know WHEN and WHY they are being tracked
For government surveillance, there needs to be a CLEARER DISTINCTION between collecting metadata and the actual content of the communication
The ever-growing need for encrypted communication technology “that can’t be intercepted, that can’t be censored, that can’t be controlled, that can go anywhere on Earth"
Leaked EU documents revealed a strict privacy proposal to only allow opt-in data collection online. 🤔 This would "disable websites and browsers from being able to track people's online behaviour and target them with advertising unless they have opted in". The proposal takes data privacy a step further than GDPR, and has been criticised for "victimising publishers". IMPORTANT: companies would need to prove the value to customers to make them agree to share their data. 🙌
A lawsuit against Uber from a former employee revealed insecure data practices. It is claimed that "Uber did not take the necessary precautions to prevent employees from snooping on their ex-girlfriends or querying the accounts of celebrities". ⛔ The recent Uber update has been criticised for collecting an increased amount of location data - and the prospect that any employee could easily access this sensitive data is frightening. Needs sorting! 🚗
Yahoo managed to break their own record for the LARGEST DATA BREACH in history. Over one BILLION Yahoo accounts have been compromised - with Yahoo claiming the hack was "state-sponsored". 🕵 This announcement leaves lots of open questions around the Verizon deal, how to close Yahoo accounts and whether Yahoo should accept defeat... 💭 Again: highlights the importance of NEVER re-using passwords. Although the Yahoo breach did not reveal any financial information, the same logins can be used on other websites. 💀 Think you might be at risk? Get more info here.
The personal data of more than 200 million people is for sale on the Darknet for $600 dollars - claiming to be from Experian. 😶 The enrichment data includes more than 80 personal attributes; from personally identifiable information, credit ratings, marital status, number of children, net worth and household income. CRUCIALLY: the eventual buyer of this information could use it to target or even kidnap high earners, especially if they travel overseas. 😱
The personal health data of 34,000 customers of Quest Diagnostics, a New Jersey based medical laboratory company, was breached through the use of "an improperly secured mobile app that lets patients share and store electronic health records". -- Reddit user mc1nc4 pointed out a genius LifeProTip as a way to know who has sold or breached your data: When you sign up for anything online, put the website name as your middle name. 🤓 ✅
Would you infect two people with ransomeware to release your own data? 😰 Popcorn Time offers victims the option to share malware with friends if they cannot afford the Bitcoin payout and are then freed if two people pay up. 😐
Merry Christmas everyone! 🎅🎉