No cookie consent walls — and no, scrolling isn’t consent, says EU data protection body

You can’t make access to your website’s content dependant on a visitor agreeing that you can process their data — aka a ‘consent cookie wall’. Not if you need to be compliant with European data protection law.
That’s the unambiguous message from the European Data Protection Board (EDPB), which has published updated guidelines on the rules around online consent to process people’s data.
Under pan-EU law, consent is one of six lawful bases that data controllers can use when processing people’s personal data.
But in order for consent to be legally valid under Europe’s General Data Protection Regulation (GDPR) there are specific standards to meet: It must be clear and informed, specific and freely given.
Hence cookie walls that demand ‘consent’ as the price for getting inside the club are not only an oxymoron but run into a legal brick wall.
No consent behind a cookie wall
The regional cookie wall has been crumbling for some


Original URL: http://feedproxy.google.com/~r/Techcrunch/~3/N6f00-vNADg/

Original article

Signal is finally bringing its secure messaging to the masses

Enlarge (credit: Getty Images)
Last month, the cryptographer and coder known as Moxie Marlinspike was getting settled on an airplane when his seatmate, a midwestern-looking man in his 60s, asked for help. He couldn’t figure out how to enable airplane mode on his aging Android phone. But when Marlinspike saw the screen, he wondered for a moment if he was being trolled: Among just a handful of apps installed on the phone was Signal.
Marlinspike launched Signal, widely considered the world’s most secure end-to-end encrypted messaging app, nearly five years ago, and today heads the nonprofit Signal Foundation that maintains it. But the man on the plane didn’t know any of that. He was not, in fact, trolling Marlinspike, who politely showed him how to enable airplane mode and handed the phone back.
“I try to remember moments like that in building Signal,” Marlinspike told Wired in an interview over a Signal-enabled


Original URL: https://arstechnica.com/?p=1654057

Original article

Amazon’s Ring Doorbell Update Allows Opt Out of All Police Video Requests

Amazon’s Ring doorbell has rolled out a new update that lets users add and remove shared users on an account, restrict third-party access, view two-factor authentication settings, and (perhaps, most importantly) opt out of all video request notifications from law enforcement. Mashable reports: Uncovered in reporting by Motherboard and Gizmodo in 2019, the scale of Amazon’s Neighbor Portal program is much larger than originally believed — and its various affiliations with law enforcement has raised alarming ethical questions. In the new update, users will be able to see an “Active Law Enforcement Map” clarifying which local institutions are part of the Neighbor Portal network. They will also be able to disable requests for video from officials, whether or not they have received one in the past. (This feature was available previously, but an account had to have received one request for the opt-out option to appear.)

That said, Ring is


Original URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/ACcncwZTzfc/amazons-ring-doorbell-update-allows-opt-out-of-all-police-video-requests

Original article

Verizon Media Launches OneSearch, a Privacy-Focused Search Engine

An anonymous reader quotes a report from VentureBeat: Verizon Media, the media and digital offshoot of telecommunications giant Verizon, has launched a “privacy-focused” search engine called OneSearch. With OneSearch, Verizon promises there will be no cookie tracking, no ad personalization, no profiling, no data-storing, and no data-sharing with advertisers.

With its default dark mode, OneSearch lets you know that Advanced Privacy Mode is activated. You can manually toggle this mode to the “off” position which returns a brighter interface, but with this setting deactivated you won’t have access to privacy features such as search-term encryption. With Advanced Privacy Mode on, links to search results will only be shareable for an hour, after which time they will “self-destruct” and return an error to anyone who clicks on it. More broadly, the OneSearch interface is clean and fairly familiar to anyone who has used a search engine before. But at its core,


Original URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/uac24DXF_I8/verizon-media-launches-onesearch-a-privacy-focused-search-engine

Original article

Microsoft will honor Californian privacy laws across the entire US

Microsoft has announced that it plans to honor the California Consumer Privacy Act (CCPA) across the whole of the United States, not just in California. In Europe, GDPR (General Data Protection Regulation) has done a lot to protect people’s privacy, and some companies have opted to voluntarily apply similar policies in the US. Microsoft, however, is the first major US company to say it will expand CCPA outside of its home state, bringing greater privacy protection to people across America. See also: Microsoft listens to feedback and removes Downloads folder from Disk Cleanup Microsoft’s Surface Pro X is better than… [Continue Reading]


Original URL: https://betanews.com/2019/11/12/microsoft-ccpa/

Original article

Web Scraping Doesn’t Violate Anti-Hacking Law, Appeal Court Rules

An anonymous reader quotes a report from Ars Technica: Scraping a public website without the approval of the website’s owner isn’t a violation of the Computer Fraud and Abuse Act, an appeals court ruled on Monday. The ruling comes in a legal battle that pits Microsoft-owned LinkedIn against a small data-analytics company called hiQ Labs. HiQ scrapes data from the public profiles of LinkedIn users, then uses the data to help companies better understand their own workforces. After tolerating hiQ’s scraping activities for several years, LinkedIn sent the company a cease-and-desist letter in 2017 demanding that hiQ stop harvesting data from LinkedIn profiles. Among other things, LinkedIn argued that hiQ was violating the Computer Fraud and Abuse Act, America’s main anti-hacking law.

This posed an existential threat to hiQ because the LinkedIn website is hiQ’s main source of data about clients’ employees. So hiQ sued LinkedIn, seeking not only a


Original URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/82QjaLJzTjU/web-scraping-doesnt-violate-anti-hacking-law-appeal-court-rules

Original article

Huge Collection #1 database leak exposes 773 million email addresses and 21 million passwords

A massive database leak — dubbed Collection #1 — has made its way to hacking forums, exposing millions of email addresses and passwords. The news was first shared by Troy Hunt — the man behind Have I Been Pwned? — who explains that the leak comprises, “many different individual data breaches from literally thousands of different sources”. Hunt explains that there are “1,160,253,228 unique combinations of email addresses and passwords”, so there are a very large number of people that may have been affected by the leak. See also: Organizations suffer breaches despite confidence in their security measures Email security… [Continue Reading]


Original URL: https://betanews.com/2019/01/17/collection-1-email-password-leak/

Original article

Facebook is the new crapware

Welcome to 2019 where we learn Facebook is the new crapware.
Sorry #DeleteFacebook, you never stood a chance.
Yesterday Bloomberg reported that the scandal-beset social media behemoth has inked an unknown number of agreements with Android smartphone makers, mobile carriers and OSes around the world to not only pre-load Facebook’s eponymous app on hardware but render the software undeleteable; a permanent feature of your device, whether you like how the company’s app can track your every move and digital action or not.
Bloomberg spoke to a U.S. owner of a Samsung Galaxy S8 who, after reading forum discussions about Samsung devices, found his own pre-loaded Facebook app could not be removed. It could only be “disabled”, with no explanation available to him as to what exactly that meant.
The Galaxy S8 retailed for $725+ when it went on sale in the U.S. two years ago.
A Facebook spokesperson told Bloomberg that a disabled permanent app doesn’t continue


Original URL: http://feedproxy.google.com/~r/Techcrunch/~3/C2FHmikTbj8/

Original article

Tim Cook calls for strong US privacy law, rips “data-industrial complex”

Enlarge / Apple CEO Tim Cook speaks at the International Conference of Data Protection and Privacy Commissioners (ICDPPC) in Brussels. (credit: European Data Protection Supervisor)
Apple CEO Tim Cook today called on the US government to pass “a comprehensive federal privacy law,” saying that tech companies that collect wide swaths of user data are engaging in surveillance.
Speaking at the International Conference of Data Protection and Privacy Commissioners (ICDPPC) in Brussels, Cook said that businesses are creating “an enduring digital profile” of each user and that the trade of such data “has exploded into a data-industrial complex.”
“This is surveillance,” Cook said. “And these stockpiles of personal data serve only to enrich the companies that collect them. This should make us very uncomfortable.”
Read 10 remaining paragraphs | Comments


Original URL: https://arstechnica.com/?p=1399403

Original article

Proudly powered by WordPress | Theme: Baskerville 2 by Anders Noren.

Up ↑

%d bloggers like this: