Oregon Democratic Senator Ron Wyden drafted a data privacy bill akin to the recent General Data Protection Regulation (GDPR) legislation in Europe. Dubbed the Consumer Data Protection Act, Wyden’s bill would give users more control over selling and sharing their data, and would give the Federal Trade Commission authority to set privacy and security standards and fine those companies that do not protect consumer data. One provision is a “Do Not Track” feature that would allow people to opt out of being tracked. Continue reading Oregon Senator Proposes a Consumer Data Protection Bill

Facebook downgraded the number of users hacked two weeks ago to 30 million, revealing that the personal information stolen was more substantial for 14 million of the those hacked, including gender, religion, telephone number, email addresses and computing devices used to connect to Facebook. Hackers also captured the last 15 people or things the user had searched for on Facebook and the last 10 physical locations he had checked into. Another 15 million profiles were scraped for names and contact information. Continue reading Facebook Offers More Hack Details, Exposes Web Scraping

Uber Technologies acknowledged that one year ago it paid hackers $100,000 to hide a data breach that impacted 47 million accounts. The company fired then-chief security officer Joe Sullivan and deputy Craig Clark for both the breach itself and concealing it. The hackers got the names, emails and phone numbers of millions of riders as well as 600,000 drivers’ license numbers, although apparently Social Security numbers and credit card numbers were not accessed. Uber says it will inform those impacted by the breach in “coming days.” Continue reading New Uber CEO Faces the Impact of Undisclosed Data Breach

Yahoo announced yesterday that all 3 billion of its user accounts were affected by a previously disclosed August 2013 cyberattack, originally reported by the company as affecting 1 billion accounts. Yahoo had earlier reported that a separate 2014 attack affected 500 million accounts. Last year we learned that, “digital thieves made off with names, birth dates, phone numbers and passwords of users that were encrypted with security that was easy to crack,” according to The New York Times. “The intruders also obtained the security questions and backup email addresses used to reset lost passwords.” Continue reading Security Update: 3 Billion Yahoo Accounts Hit in 2013 Attack

Cyberattacks are on the rise, with major corporations, media companies, the healthcare industry and even the federal government becoming targets of hacking. Recent incidents involved media content as hackers threatened early releases of movies and streaming series if the property owners failed to pay ransoms. Hackers called the Shadow Brokers told the NSA they would release secret espionage tools unless the agency pays up. Security experts suggest that this type of extortion has had mixed results thus far. Continue reading Extortion Hacking On the Rise, But Does Not Always Pay Off

When Facebook bought the popular free messaging service WhatsApp, it promised it wouldn’t change the privacy policies. Now the company has done just that, and organizations including the Electronic Privacy Information Center (EPIC) and the Center for Digital Democracy are not happy. Facebook has stated it will now connect users’ phone numbers with Facebook’s systems, offering “better friend suggestions” and more relevant ads. The new approach will help Facebook finally monetize WhatsApp. Continue reading WhatsApp Updates Privacy Policy, Shares Data with Facebook

President Obama’s Commission on Enhancing National Cybersecurity met with tech industry executives at UC Berkeley to gather suggestions on how to improve cybersecurity. Executives from Google, Facebook, Dropbox and others had their own agenda: to move the issues of consumer data privacy, transparency and sharing of cyber threats towards more openness. Former NSA director General Keith Alexander and Uber chief security officer Joe Sullivan are among the members of the commission. Continue reading Feds, Tech Titans Grapple Over Approaches to Cybersecurity

Edward Snowden, the former government contractor who famously leaked thousands of classified NSA documents, made an appearance at the Suitable Technologies booth during CES by way of a video chatting device on wheels. Snowden used a Beam telepresence device by Suitable to chat with founder of the Xprize Foundation Peter Diamandis about the future of technology and government surveillance. Snowden faces arrest if he returns the United States, so he touted the Beam technology as a way to stay connected. Continue reading Whistleblower Edward Snowden Virtually Attends CES 2016

Two years after government contractor Edward Snowden famously leaked secret NSA documents, another release of classified information has occurred. This time, The Intercept — which is staffed by journalists who previously worked with Snowden — has published what it claims is a comprehensive breakdown of the U.S. government’s military drone program. The report, featuring documents provided by another whistleblower, offers details regarding U.S. strategy to kill foreign targets in Afghanistan, Somalia and Yemen — and highlights the unintended consequences involved with drone wars. Continue reading Leaked Documents Offer Details of U.S. Military’s Drone Wars

The European Union’s highest court, the European Court of Justice, dealt a blow to the American tech industry yesterday when it struck down the international Safe Harbor agreement that previously allowed companies to move digital information between the EU and the U.S. The pact allowed companies to transfer data such as social media updates and online search histories. However, the court ruled that Safe Harbor was flawed since the U.S. government used it to access the online information of Europeans, an issue that was raised by NSA whistleblower Edward Snowden. Continue reading European Court Rules Data Transfer Pact with U.S. is Invalid

Cybersecurity technology from Los Alamos National Laboratory is now available to banks and other private sector businesses, via the consulting firm Ernst & Young. The New Mexico lab, benefitting from the $1 billion the U.S. spends a year on unclassified cybersecurity research, has developed a great deal of relevant technology, but is not set up to market the results of its own research. Ernst & Young, which consults on cybersecurity, will communicate the lab’s products and add its own expertise. Continue reading New Initiative: U.S. Offers Cybersecurity Tech to Private Sector

The Department of Commerce announced that it would renew its contract with the Internet Corporation for Assigned Names and Numbers (ICANN) for one year (with options to extend it another three years), delaying its plans to relinquish oversight of one aspect of Internet governance. Commerce has overseen ICANN’s management of the Internet’s domain-name system since 1998. But last year, the Obama administration proposed transferring the oversight to international stakeholders, a plan that has met criticism regarding the potential impact to free expression. Continue reading U.S. Renews Contract with ICANN, Delays Giving Up Oversight

Google, which enjoyed enormous popularity and usage numbers in the European Union, now suffers blowback from information revealed in the NSA documents leaked by Edward Snowden. Not long ago, free-speech advocates in many countries applauded Google for shutting down its China site rather than face censorship, and Google has also been seen on the right side of history during the Arab Spring and in Syria. But now, the EU is accusing the tech giant of abusing its power — and it is looking for payback via an antitrust suit. Continue reading Google’s Fall From Grace in EU Culminates in Antitrust Suit

A group of 14 preeminent international cryptographers and computer scientists reported that offering government access to encrypted communications puts the world’s confidential data and infrastructure at risk. The report is in response to demands by the U.S. and British governments that technology companies provide a digital key for encrypted data. Conflict has been heating up between privacy advocates and government agencies over encryption, and the report is the latest move by technologists to counter government demands. Continue reading Silicon Valley and Security Experts Face Off Over Encryption

New language in China’s recently enacted national security law is generating major concern across the global technology industry. The rules call for a “national security review” of networking, tech products and services, and foreign investment. In addition, the rules call for crucial tech sectors to be made “secure and controllable,” which industry groups fear may suggest that back doors for allowing third-party access to systems would be necessary, perhaps even leading to the sharing of encryption keys or source code. Continue reading New Chinese Security Law Raises Concerns by Tech Industry