Privacy News Online | Weekly Review: March 5, 2021
Featured: Privacy News Online – Week of March 5th, 2021
Judge rules that California can continue with its net neutrality law
Californians first passed their net neutrality law, SB 822, back in 2018 after the FCC repealed net neutrality laws for the entire country. Since 2018, internet service providers and various lobbying groups have been fighting the law in court but they were only able to delay it for so long. Judge John Mendez’s decision has drawn praise from across the state including from California’s Attorney General.
Congressional hearing investigates role of cryptocurrencies in domestic terrorism financing
Congress’s Subcommittee on National Security, International Development, and Monetary Policy recently held a hearing aimed at figuring out if the insurrection at the Capitol back in January could have been funded by cryptocurrency. The hearing was premised on the grounds that privacy rights and civil liberties are impeding investigations into how domestic terrorism is being financed. An expert testified that blockchains such as Bitcoin are pseudonymous, not anonymous, and can actually help authorities in their investigations.
More Privacy News This Week:
Users largely unaware of the privacy implications of location tracking
Researchers from Italy and the UK have released a new study which highlights that location information can leak privacy. To showcase just how much private information can be inferred from just location information, the researchers created an app called TrackingAdvisor which was allowed to collect location information 24/7. In just two weeks, they were able to figure out private information such as the app user’s home location, demographics, habits, interests, and even insight into the user’s personality.
Why would you ever trust Amazon’s Alexa after this?
A group of researchers from universities in Germany and the United States have done a privacy study on Alexa Skills. Turns out, the majority of Alexa Skills don’t have a privacy policy. Amazon lets developers publish Alexa Skills under any name – so fake Alexa Skills published under the name of established corporations are rampant. A previous set of researchers even successfully uploaded skills that blatantly broke Amazon’s privacy policy.
Judge approves $650 million settlement of Facebook privacy lawsuit linked to facial photo tagging
Facebook has finally reached a settlement amount to end a 2015 class action lawsuit relating to their facial recognition algorithm. Facebook will need to pay a whopping 650 million for violating Illinois’s Biometric Information Privacy Act. The 1.6 million individuals involved in the class action lawsuit will receive about 345 dollars each. This is one of the largest settlements in the digital privacy space ever.
Google Chrome will soon default to HTTPS when you type a domain name in the address bar
Browsers generally try the non-secure HTTP protocol when you type a domain in the address bar and it is up to the site to redirect you to HTTPS. Beginning with Google Chrome 90 due in mid-April, Google plans to default to HTTPS instead.
A weaponized exploit for the SCEPTRE CPU vulnerability has been found online
This is the first time that exploit code has becomee available to the general public since the flaw first came to light in January 2018. Some potential SPECTRE attacks were mitigated via OS and browser patches in 2018, but it remains to be seen whether the newly discovered exploit code may require further OS patches. There is some concern that the malware may try to exploit SPECTRE using this weaponized code.
Brought to you by Private Internet Access
Privacy News Online is brought to you by Private Internet Access, the world’s most trusted VPN service.
Special thanks to Intego
Thank you to Josh Long, our cybersecurity correspondent from Intego, makers of award-winning security software.
