Privacy and the Internet Research Repository

Who Own's Your Data? 

Who should own your data? This question is examined through the example of smart tractors. Smart tractors collect data via GPS, which is then used to predict crop profitability. When farmers are faced with an incentive to sell GPS data, what are the consequences of doing so?

Who Owns Your Data? (Hint: It's not you)

In our world, data belongs to those who collect it. This video by PHD Comics, introduces concepts such as digital privacy, big data, and the internet of things.

Your Bosses Could Have a File on You, and They May Misinterpret It

Some employers rely on semi-automated tools, like monitoring software and behavioral analytics, to assess employees. The growth in private sector monitoring raises ethical questions.

FBI Conducted Potentially Millions of Searches of Americans' Data Last Year, Report Says

The Federal Bureau of Investigation (FBI) performed potentially millions of searches of American electronic data last year without a warrant, raising concerns about government surveillance and privacy.

I Scraped Millions of Venmo Payments. Your Data Is at Risk

Venmo is a useful app for transfering money. Beside aiding the transferring of funds, Venmo has made the sending and receiving of money a social affair. What can hackers glean about a person from innocuous transaction data? It turns out Venmo data can be used to facilitate cyberattacks.

It's Not That Hard to Unmask Real People in Anonymous Data, Researchers Warn

Data brokers claim to anonymize their data sets. While metadata is technically anonymous, de-anonymizing data is simple. This post highlights a tool which calculates how likely you'd be correctly identified in anonymous data sets.

Four Cents to Deanonymize: Companies Reverse Hashed Email Addresses

Your identifying information, such as an email address, travel online in a hashed, non-personally identifiable manner. However, as this post explains, emails can easily be unhashed. Some companies charge as little as four cents to reverse hash an email address.

Suicide Hotline Shares Data With For-Profit Spinoff, Raising Ethical Questions

Crisis Text Line has control of the largest mental health data set in the world. Read to learn why ethics and privacy experts were concerned when Crisis Text Line shared data with a for-profit partner, Loris.ai.

Why Privacy Matters

We all should care about privacy. Privacy is not only pertinent for individuals who have actions to hide.

The Battle for Digital Privacy Is Reshaping the Internet

Big Tech companies are changing rules around online data collection, yet advertising remains at the center of the internet.

How to Protect Your Digital Privacy

Explore this guide to make changes to protect yourself and your information online, and learn why you might want to make them.

Can Privacy, Security and Ease of Use Work Together?

In an interview with Washington state Chief Privacy Officer Katy Ruckle, the role of data privacy in providing government services is explored.

Privacy for Young People

Explore the personal data Microsoft collects and how the company uses it in language that is easier to understand.

NFTs Are a Privacy and Security Nightmare

NFTs are unique, digital assets that represent real-world objects. However, today's NFT platforms lack fundamental security features. Read to learn why NFT’s are deemed low privacy.

Privacy, Protection of Personal Information and Reputation Rights

Explore the relationship between children’s rights, business and the internet in this series of discussion papers.

Attempts to Obsure Data Collection and Preserve Anonymity

The Pew Research Center surveyed Americans on their opinion of mass data collection and internet anonymity. Survey results concluded that most Americans support great limits on data collection and most express low levels of confidence in corporate data protection.

Americans and Privacy: Concerned, Confused and Feeling Lack of Control Over Their Personal Information

A majority of Americans believe their online and offline activities are being tracked and monitored by companies and the government.

Who Owns Our Data?

Personal data is a financial commodity and is often exploited by individual firms. The question of data ownership is a central concern. Explore the arguments surrounding private and collective data ownership.

Yes, Your Personal Information Is for Sale. Here's What to Do About It

Data brokers are sites that legally gather and sell your information. These sites use automated software to harvest information from tech companies, telecommunication providers, credit bureaus, tax records, court records, and other public sources. Personal data is then unified and sold at a listing price of $20.

You Are Data: The Fight to Protect Online Privacy 

As more and more personal information is being tracked online, data protection has become a growing concern. The state of Connecticut has created a data collection law, providing consumers with extended control over their digital privacy.

The High Privacy Cost of a “Free” Website

Most web pages do not charge a monetary entrance fee, however, the website is not free: you pay with your privacy. This reading explores how online behaviors are tracked and how tracking persists, even when site operators disable such technologies.

Giving Web a Memory Cost Its Users Privacy

Many privacy concerns can be traced back to cookies. While most companies use them responsibly, apprehension remains as cookies are not going away.

How Cookies Work - Do I have to Accept?

“Some cookies aren’t delicious; they track your personal data.” This resource examines website cookies, differentiates between valid and malicious types, and concludes by reviewing privacy protection tools.

Norfolk County Council Bolsters Productivity with IdentityIQ

Norfolk County Council used Sailpoint IdentityIQ to manage identities of individuals working within their organization. In addition, self-service password management was implemented for employees to manage their identities and passwords independently.

30-Second Privacy Fixes: Simple Ways to Protect Your Data

Privacy is more than just avoiding targeted ads, the personal information tech companies gather can affect our lives in unprecedented ways. Read to explore tips and techniques that will limit the way products and services collect, share, and make money off your data.

How to Use a Free Password Manager—and Make Your Logins Safer

Your usernames and password could be floating around the internet due to website data breaches. However, using a password manager can help protect your information as they can create strong passwords, store login credentials, autofill login information, protect your data, and export credentials to switch password managers.

How Everyone Can Get the Online Privacy They Want

“Cookie banners” appear on most websites due to a regulation requiring webpages to post their data collection policies. In reality, cookies are widely ineffective and do little to protect privacy. This article explores how technology could make it easier for consumers to gain control of their data.

Privacy-Enhancing Technologies and Building for the Future

Meta is working to use privacy-enhancing technologies that incorporate personalization, while becoming less reliant on individual third party data.

Every Step to Simple Online Security

Explore steps to increase your online security.

Worried About Personal Data Leaks? Here’s How to Lock Down Your Phone

Apps on your smartphone capture a plethora of personal information. Your phone is packed with GPS, camera, and sensitive data such as your contacts and health status. This article provides a checklist that will help you limit that amount of data you inadvertently share with your mobile apps.

The ‘Capital of Silicon Valley’ Is Ignoring Its Privacy Experts

In response to privacy concerns, San Jose created its Digital Privacy Advisory Taskforce. However, a series of emails obtained by Motherboard allude to clashes between Silicon Valley’s technologists and privacy experts.

Firefox Boosts Privacy by Giving ‘Total Cookie Protection’ to All Users by Default

Termed “Total Cookie Protection," Firefox has implemented a cookie restriction feature that protects against online tracking. Read to learn why blocking third party tracking is an immense privacy gain.

Why Data Ownership is the Wrong Approach to Protecting Privacy

Data ownership is an idea often expressed about information privacy. This article argues that viewing data as a commodity restricts the free flow of information and induces the trading of privacy rights.

Survey Says: IT Leaders on Their Biggest Data Privacy Challenges

Digital privacy legislation strives to license constituents a say in how their data is used and distributed. Learn how state and local government leaders respond in a survey about digital privacy.

On the Internet: Be Cautious When Connected

The FBI highlights how to exercise caution on the internet. The brief informatic emphasizes a need to protect your systems, data, connections, and information.

Now Cryptojacking Threatens Critical Infrastructure, Too

Cryptojacking was once confined to browsers, however, cybercriminals have now turned attention to the lucrative industrial networks. Learn how cryptojacking has become a threat to critical infrastructure.

Six Threats that Brought Digital Executive Protection into the Spotlight in 2021

Privacy concerns impact one's personal life and have entered the mainstream. Explore six trending threats that brought digital protection and privacy into the public eye.

Despite the Hype, iPhone Security is No Match for NSO Software

If you are an iPhone user, you may not be secure against malicious Pegasus installation. Pegasus spyware can collect emails, call records, sound recordings, and browsing histories. If you believe Apple products keep you safe from spyware, think again!

Ransomware

Ransomware is a form of malware that prevents users from accessing their systems, files, and data. Individual, business, or organization data is then held hostage until a ransom is paid ($600 - $700,000).

Mobile Ransomware

Starting in 2014, mobile ransomware attacks have been reported on a large scale. Mobile ransomware locks a device and demands a ransom for device and data restoration.

Mobile Spyware

Mobile spyware is a hidden malware that steals information, records audio, takes pictures, and tracks device location. Read to learn about spyware’s infection method and device remediation.

5 Reasons Your Endpoint Security Could be at Risk

IT cybersecurity professionals feel the ​​hybrid-work arrangement leaves their organizations more compromised and exposed to security threats.

Despite Decades of Hacking Attacks, Companies Leave Vast Amounts of Sensitive Data Unprotected

A surge in identity theft during the pandemic highlights how easily hackers can obtain people’s private data.

U.S. Cybersecurity Agency ‘Strongly Urges’ You Patch These 75 Actively Exploited Flaws

Learn about the most recent security vulnerabilities that impact Microsoft Windows, VMware, Cisco, and F5.

Teen's Tesla Hack Shows how Vulnerable Third-Party Apps may Make Cars

Cars have been hacked before, however, a German teenager became the first to hack a vehicle through an app. A 19 year old found a vulnerability in an app installed on some Teslas and was able to access the remote control of 35 vehicles.

Cybersecurity Laws & Regulations

The federal government has yet to pass a comprehensive cyber security law. In compensation, precursing internet regulations have expanded to include cyber security clauses. This article overviews federal, state, and international regulation as they relate to cyber security.

Cyber Security Standards

Cybersecurity standards are collections of best practices, fabricated to help improve the cybersecurity posture of any organization. This page details the common cybersecurity compliance archetypes.

The Cornerstone of Cybersecurity – Cryptographic Standards and a 50-Year Evolution

Cryptography is used to secure communications, protect information in transmission, and codify stored data. The National Institute of Standards and Technology (NIST) has released standards pertaining to data encryption, advanced encryption, and public-key cryptography.

How the NotPetya Attack is Reshaping Cyber Insurance

What are the insurance implications for companies who are at risk of cyber attack? The NotPetya malware attack caused $10 billion of damage globally, yet cyber insurance companies denied reparations. Read to explore the legality behind cybersecurity policy.

Space Force Rolls out Cybersecurity Standards for Commercial Providers of Satellite Services

The Infrastructure Asset Pre-Approval program (IA-Pre) was developed to combat the security risks which could impact a Department of Defense mission. This post explores the IA-Pre program and emphasizes the importance of cybersecurity in the space domain.

How Congress Can Help Prevent Cyberattacks

Congress approved a federal law requiring companies to report cyberattacks to federal authorities. The aim of the law is to create a space where the government can work cohesively with private sector companies to address cyber instances.

Cyber Law: Everything You Need to Know

Cyber law provides legal protections to anyone using the internet or internet related technologies. Key components of cyber law are cybercrime, cybersecurity, intellectual property, and risk mitigation. Read to learn about these components and the recent trends in cyber law.

Cybersecurity Reporter Nicole Perlroth Says the U.S. Should Outlaw Ransomware Payments. But It’s Complicated.

In 2021, hackers initiated a ransomware attack on the Colonial Pipeline. The attack drove up U.S. gasoline prices and infiltration ceased only after Colonial agreed to pay the hackers $5 million in compensation.

U.S. House Lawmakers Search for Open Source Security Fixes

On May 11, 2022, the U.S House Committee on Science, Space, and Technology convened to discuss improving open software cybersecurity. The government could play an active role in cybersecurity by encouraging a security focus.

FBI Announcement: Paying the Ransom is a Bad Idea

The FBI does not support paying the ransom in the aftermath of a ransomware attack. Read to learn why paying the ransom is not supported.

Identity & Cybersecurity: Exploring the Privacy Implications and Mitigating Risks of Identity Webinar

Listen to a webcast that explores privacy implications and ways to protect your identity online.

A CFO Guide to ‘Zero Trust’ Cybersecurity

Traditionally, stakeholders using a company network would follow a “trust, but verify”, access approach. As cyberattacks continue to grow in volume, IT infrastructures shift to a “Zero Trust” security framework.

A Former Hacker's Guide to Boosting Your Online Security

Ngô Minh Hiếu, a hacker who was incarcerated in the U.S. for running an online store that sold the personal information of about 200 million Americans, now attempts to protect the world from the sorts of cybercriminals he once was.

What Is Cyber Insurance, and Why Is It In High Demand?

The demand for cyber insurance has skyrocketed. This influx of demand has created issues for cyber policy holders, as protection has become more costly and less comprehensive.

A Decentralized Verification System Could be the Key to Boosting Digital Security

A zero trust security approach is the current best digital security practice. However, in a zero trust system, absolute trust is placed in the verification method. Read to learn more about decentralizing trust.

Types of Cybersecurity

Cybersecurity is the practice of protecting electronic data from unlawful use. This article breaks down cybersecurity into 5 subcategories and explains the practicality of each subtype.

How to Protect Your Digital Privacy in the Era of Public Shaming

View nine tips to foil hackers, ransomware, online trackers, data brokers, and other menaces.

Mission of the Cloud-centric CISO

Large organizations are embracing cloud computing as a foundation for their business strategies, often centered around digital transformation.

The 2021 DUO Trusted Access Report

The 2021 Duo Trusted Access Report considers the future of hybrid work and suggests methods to secure devices and applications.

Integrated Microsoft Cloud Solutions

Fisco, Texas, has taken steps to modernize its IT security tools. Implementing Microsoft’s suite of integrated solutions has helped the city automate security tasks, facilitate threat detection, and build a secure enterprise.

Token Raises $13 Million for Its Biometric Authentication Ring

Token, a company founded in 2014, has developed a wearable authentication ring. The smart ring offers a passwordless, biometric authentication solution.

They’re Your IRS Records. Getting Them Means Giving Up Privacy

Taxpayers who want to access their IRS records online must submit copies of their driver’s license, social security card, and other documents to the ID.me as proof of identity.

National Cyber Investigative Joint Task Force

The National Cyber Investigative Joint Task Force (NCIJTF) was established to combat the evolving cyber landscape. Learn more about the multi-agency cyber center and its responsibilities.

Magnet Forensics Buys Tech to Help Cops Peer into Devices

Magnet Forensics, a tech firm, has made a $5 million deal with U.S law enforcement. The tech provider plans to equip police with data extraction tools to aid investigative efforts and combat cyber attacks.

Understanding Identity Systems Part 1: Why ID?

Modern identity systems are vast. They include our passwords, characteristics, and behaviors. Governments have been looking into implementing national identity systems to support administrative needs. Read to explore the motivations behind introducing ID systems.

Security & Innovation for Government Agencies

Many government agencies still struggle with outdated legacy technology. This resource is a complete guide to improving government services with Microsoft cloud technology.

So This Is What Vaccine Passports Were Leading To

During the pandemic, a plethora of digital tools were introduced, each embedded with questionable data collection features. We accepted these controversial tools (e.g. tracking apps) under the guise of COVID-19. Watch to learn how the government used and abused its citizens' personal data.

Calls Mount for Blocking Warrantless Mass Data Collection

The 4th amendment protections individual privacy by requiring law enforcement to obtain a warrant before searching individual personal records. However, state, federal, and local law enforcement have been sidestepping the amendment by purchasing sensitive data from brokers.

ACLU v. Department of Homeland Security

Mobile apps routinely sell user’s location data to government agencies. In December 2020, the ACLU and NYCLU filed a lawsuit seeking records from the Department of Homeland Security about the practice of purchasing cell phone location data.

Much Of Our Government Digital Surveillance Is Outsourced To Private Companies

Our nation’s digital surveillance is increasingly outsourced to private companies. These corporations aggregate, analyze, and deploy consumer data sets. Read to learn about the commercialized surveillance state and its privacy risks.

Google Bans Apps With Hidden Data-Harvesting Software

Measurement Systems, a Panamanian firm, wrote a data harvesting code that later infected many popular mobile apps. The intrusive code collected location data and personal identifiers.

Cellphones, Law Enforcement, and the Right to Privacy

This white paper explains how the government collects and utilizes your location data. Both the legal and the policy landscape of geolocation data privacy are explored.

EPIC Comments to the U.S. Postal Investigative Service on Using U.S.P.S. Customer Data for Law Enforcement

The U.S Postal Inspection Service (USPIS), a subsidiary of the U.S Postal Service, is charged with law enforcement, crime prevention, and security. Recently, USPIS proposed a modification to its inspection filing system, seeking to aggregate more data from Postal Service customers. The Electronic Privacy Information Center (EPIC) has submitted comments to USPIS urging a reversal of the proposed data collection expansion.

Amazon says US Government Demands for Customer Data Went Up

According to Amazon’s transparency report, subpoenas and search warrants received by the government have increased. The data demanded by the government includes information collected from Echo, Kindle and Fire tables, and inputs from Amazon’s home security devices.

Why Your City Probably Needs a Local Privacy Commission

Cities are looking to ensure privacy in surveillance technology procedures and in data handling logistics. Explore the workings of Oakland, California's privacy advisory commission.

Which States Have Cybersecurity Task Forces?

Cyber security is a pressing concern for federal and state governments. More than 30 states have created a cyber task force or commision group to better address and understand cyber security threats.

Cities are Easy Prey for Cybercriminals. Here's How They Can Fight Back

Cyber attacks can disrupt a city's municipal stations, emergency call centers, and most other city services. Read to learn why cities are vulnerable for attack and how they can protect themselves from digital disruption.

Digital Counties 2022: Winners Innovate and Collaborate

The Digital Counties Survey provides the opportunity for local information technology organizations to highlight their past advancements and future goals. Read to learn which counties scored highest in the 2022 edition.

Data Security Laws | State Government

State databases, which hold a vast amount of personally identifiable data, have become an attractive target for cybercriminals. This tool explores the data security laws for each applicable state government.

Cyber Crime

The evolving cyber landscape has led the FBI to implement cyber solutions. Learn more about the FBI’s strategy and partnerships.

High-Risk Series: Federal Government Needs to Urgently Pursue Critical Actions to Address Major Cybersecurity Challenges

The U.S Government Accountability Office (GAO) has expressed concern over the excess of national cybersecurity shortcomings. Read about four major cybersecurity challenges and the 10 associated critical action steps the GAO recommends.

A New Approach to Security in a Cloud-Based World

Governance through identity-centric security can help governments protect data and applications. This article introduces identity-centric technology and its benefits.

U.S. Lacks Full Picture of Ransomware Attacks, Senate Panel Finds

The ransomware economy is growing: attacks have become more frequent and ransom payments have reached the billions. Alarmingly, the U.S. government lacks understanding of ransomware attacks.

Why We Can Expect More Hacking of Politicians’ Phones

There is no international legislation restricting spyware. Could this be a reason why discoveries of spyware on devices of politicians has become increasingly common? Explore the tradeoff between privacy and digital infrastructure.

Whole-of-State Cyber Approaches Are Sweeping the Country

Local governments are seeking to improve cybersecurity procedures. Learn how states like New York and Tennessee have extended cyber services to local governments.

Multifactor, Endpoint Protection Headline Texas Cyber Strategy

Texas CIO Amanda Crawford outlines a plan to implement multifactor authorization and endpoint protection software across the state government. 

Fred Cate: Privacy and Consent

Privacy law states that individuals should have control over information concerning oneself. Dr. Fred Kate denotes seven reasons why privacy consent should not be the focus of privacy law.

Data Privacy Unlocked, A Conversation with Alaska State Representative Zack Fields

In this podcast episode, Alaska State Representative Zack Fields discusses the Alaska Consumer Data Privacy Act. The legislation seeks to protect customers and businesses who use data functionally, while targeting predatory data collection.

Data Privacy Unlocked, A Conversation with Maureen Mahoney of Consumer Reports

Maureen Mahoney of Consumer Reports, joins Husch Blackwell’s David Stauss to discuss consumer data privacy. This episode focuses on data protection policy from California, Colorado, and Virginia legislation.

Debate: Should the U.S Copy the EU's New Privacy Law?

Listen in on a debate between the advocates and the critics of the General Data Protection Regulation. The GDPR is aimed at regulating the way companies handle customer’s personal data.

Americans’ Attitudes and Experiences with Privacy Policies and Laws

97% of Americans say they have been asked to agree to a company's privacy policy, yet relatively few report reading and understanding these policies. This report by the Pew Research Centers explores the demographic differences in reading privacy policies and provides statistics encapsulating the American opinion of corporate data accountability.

Why the “Privacy” Wars Rage On

Does the right to privacy exist? This article overviews the history of legal privacy, provides conceptual definitions of privacy, and critiques Roe v. Wade with respect to personal autonomy.

A Review: The American Data Privacy and Protection Act

The American Data Privacy and Protection Act strives to be the first federal data privacy policy. Read to learn what the act proposes.

Questions Remain as Lawmakers Craft National Privacy Law

Lawmakers are crafting a comprehensive national privacy law. The law covers topics of data ownership and control, the right to consent and object, and data protection for children and minors. Read to explore the perspective of Industry experts and their opinion on the bill's success.

Aging 'Privacy' Law Leaves Cloud E-Mail Open to Cops

Without changes to the Electronic Communications Privacy Act (ECPA), the police will continue to be able to access Americans' e-mail, or documents stored online that are more than six months old, without having to acquire a judge's permission, if the authorities promise it is "relevant" to a criminal investigation.

The State of Consumer Data Privacy Laws in the US (And Why It Matters)

Due to an absence of federal privacy laws pertaining to data, the information collected is not regulated and there is no standardization for notifying users of data breaches. States determine their own privacy laws, allowing many companies to use, share, or sell data without notifying the individual it belongs to.

Cyber Law & IT Act Overview

The IT Act seeks to safeguard information and minimize vulnerabilities. This resource overviews the policy and introduces cyber law terminology.

U.S. House Lawmakers Search for Open Source Security Fixes

On May 11, 2022, the U.S House Committee on Science, Space, and Technology convened to discuss improving open software cybersecurity. The government could play an active role in cybersecurity by encouraging a security focus.

GOP-Led Legislation Would Force Breakup of Google’s Ad Business

The Competition and Transparency in Digital Advertising Act, a bipartisan bill co-sponsored by Sens. Ted Cruz (R., Texas), Amy Klobuchar (D., Minn.) and Richard Blumenthal (D., Conn.), aims to prohibit companies processing more than $20 billion in digital ad transactions annually from participating in more than one part of the digital advertising ecosystem. If passed, the legislation would directly impact Google.

How Congress Can Help Prevent Cyberattacks

Congress approved a federal law requiring companies to report cyberattacks to federal authorities. The aim of the law is to create a space where the government can work cohesively with private sector companies to address cyber instances.

Amy Klobuchar Leads her Final Assault on Big Tech's Power

Senator Amy Klobuchar (D-MN) is the co-sponsor of the American Innovation and Choice Online Act, which, if enacted, would ban dominant platforms from favoring their own products and services over those of their competitors. Another bill sponsored by Klobuchar waiting to receive final approval in the House would provide more funding for the Justice Department and Federal Trade Commission through larger merger filing fees. The hope of these bills, and other pending legislation, is to address the power of Big Tech so companies cannot give preference to their own products or copy the data of other companies.

Reform To Federal Internet Legislation Must Learn from Past Mistakes

Congress is considering revisions to Section 230 of the Communications Decency Act. Section 230 seeks to make the internet safer from hate speech, disinformation, criminal activity, and other harms.

Health Insurance Portability and Accountability Act of 1996 (HIPAA)

Explore the Health Insurance Portability and Accountability Act of 1996 (HIPAA), a federal law that protects sensitive patient health information from being disclosed without the patient’s consent or knowledge.

A Guessing Game: How Sen. Klobuchar’s Tech Bill will Impact Consumers

Critics of Sen. Amy Klobuchar’s antitrust legislation raise concerns that the bill could dramatically change consumer-favorite products, while supporters of the bill argue that the legislation targets self-preferencing practices by big tech. Despite the opposing views, the impact of the legislation and the consequences for consumers is uncertain.

HIPAA, the Health Privacy Law That’s More Limited Than you Think, Explained

Learn about what HIPAA does and doesn’t do.

Fair Credit Reporting Act (FCRA)

Learn about the Fair Credit Reporting Act (FCRA).

18 U.S. Code § 2710 - Wrongful Disclosure of Video Tape Rental or Sale Records

Learn about a section from the Video Privacy Protection Act.

Family Educational Rights and Privacy Act (FERPA)

Explore the Family Educational Rights and Privacy Act (FERPA), a federal law enacted to protect the privacy of student education records.

Gramm-Leach-Bliley Act (GLBA)

Learn about the Gramm-Leach-Bliley Act, which requires financial institutions to explain their information sharing practices to their customers and to safeguard sensitive data.

15 U.S. Code § 6801 - Protection of Nonpublic Personal Information

Learn about a section of the Gramm-Leach-Bliley Act.

Electronic Communications Privacy Act of 1986 (ECPA)

Explore the Electronic Communications Privacy Act of 1986 (ECPA), which protects wire, oral, and electronic communications.

USA PATRIOT Act

Explore the USA PATRIOT Act, which arms law enforcement with new tools to detect and prevent terrorism.

Online Privacy Bill Gains Momentum, but Hurdles Remain

A federal data privacy law is in the works. The legislation aims to place limits on how tech companies can collect and use user data. Additionally, the bill includes antidiscrimination protections and restricts the transfer of sensitive data.

Modernizing the Electronic Communications Privacy Act (ECPA)

Learn about the Electronic Communications Privacy Act of 1986 (ECPA), which protects wire, oral, and electronic communications.

Children's Online Privacy Protection Rule ("COPPA")

Explore the Children's Online Privacy Protection Act (COPPA) of 1998.

Children's Privacy

Learn about the Children’s Online Privacy Protection Act (COPPA), which gives caregivers control over what information websites can collect from their kids.

Federal Trade Commission Act

Learn about the Federal Trade Commission Act.

Why Lawmakers Want to Rewrite Section 230

Section 230 is a law that says users and social media providers are not liable for any information posted on media platforms. This video explains the bill and the key issues surrounding the legislation.

California Consumer Privacy Act (CCPA)

Learn about the California Consumer Privacy Act of 2018 (CCPA), which gives California consumers more control over the personal information that businesses collect and guidance on how to implement the law.

Biometric Information Privacy Act (BIPA)

Biometric Information Privacy Act (BIPA) establishes biometric data standards, requires a notice and consent to data collection, and prohibits companies from selling biometric information.

AB-1490 California Privacy Rights Act of 2020: California Privacy Protection Agency.

Explore the California Privacy Rights Act of 2020 (CPRA).

California Privacy Protection Agency

The California Privacy Rights Act established a new agency, the California Privacy Protection Agency (CPPA) to implement and enforce the law.

HB 2307 Consumer Data Protection Act; Personal Data Rights of Consumer, Etc.

Explore the Consumer Data Protection Act, which establishes a framework for controlling and processing personal data in the Commonwealth.

The Fight Continues Over Texas’ Controversial Social Media Law

A Texas law allowing residents to sue social media companies for censoring their content was reinstated by a federal appeals court; however, many argue that the content moderation law is unconstitutional, raising First Amendment concerns.

Data Privacy: CT Senate votes to Regulate the Buying and Selling of You

The failure of congress to pass federal privacy legislation has prompted the Connecticut Senate to pass a bill protecting consumer data. Senate Bill 6 would allow consumers to be notified by companies collecting data and ability to opt out of sales or sharing of that information.

Virginia Set to Become Second State to Pass Data Privacy Law

Virginia may pass the Consumer Data Protection Act, which would grant consumers the right to determine whether their data is collected and processed and ask for a copy of their data, correct inaccuracies, ask for the deletion of personal data, and opt out of the processing of personal data that may be used for targeted advertising, sale, or consumer profiling.

Colorado Senate Bill 21-190: Protect Personal Data Privacy

Explore the Colorado Privacy Act (ColoPA).

Colorado Passes Privacy Bill: How Does it Stack Up Against California and Virginia?

Learn about the Colorado Privacy Act (ColoPA) and how it compares to California and Virginia legislation.

Kids Online Safety Act of 2022 (KOSA)

Explore the Kids Online Safety Act of 2022.

Some Facebook Users are Receiving $397 Checks Over Data Privacy Violations—And These Tech Companies Could be Next

1.4 million Illinois residents received checks as compensation for a $650 million lawsuit against Facebook. Illinois lawyers were not pleased when the social media platform gathered biometric data without user consent.

How Illinois Is Winning in the Fight Against Big Tech

Illinois has strict legislation governing the use of biometric identifiers. This article explores the Biometric Information Privacy Act of Illinois. The Act set limits on the amount of data that can be collected, requires consumer consent, and encourages a private right of action.

State Laws Related to Digital Privacy

Explore state laws related to digital privacy.

Security Breach Notification Laws

Explore state laws related to security breach notifications.

Private Right of Action Proving Problematic for State Privacy Laws

Ten states are currently considering data privacy legislation similar to California’s Consumer Privacy Act (CCPA).

From Washington to Florida, Here are Big Tech’s Biggest Threats From States

States are taking action on privacy, taxes and content moderation quicker than Congress.

Big Tech Is Pushing States to Pass Privacy Laws, and Yes, You Should Be Suspicious

Big Tech is pushing to pass friendly, watered-down state privacy bills to avoid greater protections.

​​California's Attorney General Backs call for Global Privacy Control Adoption With Fresh Enforcement Letters to Companies

Companies must honor the Global Privacy Control (GPC), a browser-based data collection opt-out tool, under the California Consumer Privacy Act, according to California’s attorney general.

Biometric Data and Privacy Laws (GDPR, CCPA/CPRA)

There are practically no legal provisions specific to biometric data protection. Instead, legal texts rely on provisions relating to personal data protection and privacy.

U.S. President Biden Signs Law to Ban Huawei and ZTE From Receiving FCC Licences

The Secure Equipment Act of 2021 removed approval for Huawei or ZTE equipment to be purchased for American network operations. The Federal Communications Commission backed the law, designating Huawei and ZTE as national security threats.

The EU AI Act: What you Need to Know, How to Improve It

The European Union wants to Regulate artificial intelligence through the EU AI Act. Listen in on a conversation with Mozilla Foundation's Executive Director Mark Surman, as he describes the key facts of the EU AI Act.

Data Protection and Privacy Legislation Worldwide

Explore legislation pertaining to data protection and privacy around the globe.

Beyond GDPR: Data Protection Around the World

Learn about regions and countries that have implemented international privacy laws for data protection.

Twelve Days in Xinjiang: How China's Surveillance State Overwhelms Daily Life

Security checkpoints, facial scanners, hand-held devices to search smartphones, and swiping ID cards and staring into a camera are just a few ways in which people are surveilled in Urumqi, China.

Four Takeaways From a Times Investigation Into China’s Expanding Surveillance State

The Time’s investigation team analyzed government bidding documents, which call companies to bid on contracts to provide surveillance technology. Technologies include phone tracking devices, DNA databases, and facial recognition cameras. All of these systems are integral to China’s expanding surveillance state.

Chinese Economist Suggests China Spend More to Boost Its Birthrate—and Is Blocked From Social Media

China suspended Ren Zeping’s Weibo account days after he wrote an article suggesting that the country spend $314 billion to boost its fertility rate.

China Uses AI Software to Improve Its Surveillance Capabilities

Dozens of Chinese firms have built software that uses artificial intelligence (AI) to sort data collected on residents.

China to Keep up Scrutiny of Internet Sector - Xinhua

China’s technology industry minister, has been engaged in a campaign tasked with regulating the online economy and tackling issues of data security.

Internet Access in China — Wi-Fi and Internet Censorship

China has been increasing internet censorship year by year. For starters, access to Google is largely blocked. Read to learn about China’s internet limitations and the recommended steps to improve your online capabilities.

Chinese Company Installed Secret Backdoor on Hundreds of Thousands of Phones

In a software update, a Chinese company introduced a secret backdoor that collected personal data. Android BLU devices users had their phone number, location, and message data collected.

Team USA Advises Athletes Heading to Beijing Olympics to Leave Their Phones at Home

The United States Olympic & Paralympic Committee is encouraging Team USA to use disposable or “burner” phones instead of personal devices during the Beijing Winter Olympics due to surveillance and malicious software concerns. The Canadian Olympic Committee, British Olympic Association, and Dutch Olympic Committee/Dutch Sports Federation also informed their athletes of cybercrime threats and urged individuals to take precautions.

U.S. President Biden Signs Law to Ban Huawei and ZTE From Receiving FCC Licences

The Secure Equipment Act of 2021 removed approval for Huawei or ZTE equipment to be purchased for American network operations. The Federal Communications Commission backed the law, designating Huawei and ZTE as national security threats.

FCC Kicks China Telecom out of United States

In 2021, the Federal Communications Commision removed the permission of China telecom to operate in the United States. The company’s removal stemmed from fear that the telecon agency would aid the Chinese government to access and misroute U.S. communication.

Huawei Eyes Digital, Intelligent Future Despite U.S. Ban

The China based tech giant, Huawei, has plans for developing intelligent digital infrastructure. Additionally, Huawei's market share has been growing, as others realize the prospects of the company. However, the U.S has banned companies from using the tech provider. Will the U.S. come to regret its decision?

Secret Back Door in Some U.S. Phones Sent Data to China, Analysts Say

Android phones were recently discovered with pre-installed monitoring software. The software was installed without disclosure, and collected the contents of text messages, contact lists, call logs, and location information.

What is GDPR, the EU's New Data Protection Law?

Learn about the General Data Protection Regulation (GDPR), Europe’s data privacy and security law.

GDPR Compliance

Explore information to help organizations achieve General Data Protection Regulation (GDPR) compliance.

General Data Protection Regulation Text

Explore the General Data Protection Regulation (GDPR) text.

G.D.P.R., a New Privacy Law, Makes Europe World’s Leading Tech Watchdog

G.D.P.R., Europe's new privacy law, allows people to reduce the trail of information left when online and grants individuals the ability to request the data that companies hold on them, and demand it be deleted.

Europeans' Data Shared 376 Times Daily in Advertising Sales, Report Says

As companies bid for online advertising slots, data about every internet user is shared hundreds of times each day.

The Biggest Data Breach: ICCL Report on Scale of Real-Time Bidding Data Broadcasts in the U.S. and Europe

Real-Time Bidding (RTB) tracks what you are looking at and it records where you go. Every day it broadcasts data to a host of companies, enabling them to profile users. This report presents the scale of this data breach.

Biometric Data and Privacy Laws (GDPR, CCPA/CPRA)

There are practically no legal provisions specific to biometric data protection. Instead, legal texts rely on provisions relating to personal data protection and privacy.

U.S. Joins 55 Nations to Set New Global Rules for the Internet

In April 2022, the U.S and 55 other nations signed the “Declaration for the Future of the Internet.” The political commitment aims to promote the free flow of information and ensure user privacy.

The Privacy Mindset Of The EU Vs. The US

Compare the digital privacy mindset in Europe and the U.S.

Why Is America So Far Behind Europe on Digital Privacy?

Europe implemented the General Data Protection Regulation (GDPR) in 2018, which establishes several privacy rights including a requirement for companies to inform users about their data practices and receive explicit permission before collecting any personal information, yet America lacks a comprehensive federal law to regulate digital privacy.

Russia: Growing Internet Isolation, Control, Censorship

Recent developments in Russian internet regulation have focused on tightening government control, content filtering, and the engineering of novel monitoring technology. This white page explains Russian internet regulations as they apply to the web, applications, and telecommunications.

Russia Takes Censorship to New Extremes, Stifling War Coverage

President Vladimir V. Putin, appears to see the internet as a new found threat. The President clamped down on news outlets, blocked access to Facebook, and enacted a law that criminalizes anyone spreading “false information” about Russia’s invasion of Ukraine.

Russia Intensifies Censorship Campaign, Pressuring Tech Giants

Russian authorities warned tech companies including Google, Meta, Apple, Twitter, and others that they must comply with a new law that requires them to set up legal entities in the country, making the companies and their employees more vulnerable to Russia’s legal system and government censors. Through the use of ultimatums, authorities are pushing tech companies to censor unfavorable material, while keeping pro-Kremlin media unfiltered.

Many Russian Cyberattacks Failed in First Months of Ukraine War, Study Says

A report from Microsoft revealed that the Russian government was succeeding in its disinformation campaign to establish a narrative of the war favorable to Russia, despite Moscow failing in more than two-thirds of the cyberattacks conducted.

Authoritarians Love Smart Cities, Russia is no Expectation

Moscow has been on a mission to become a smart city. While smart cities can increase efficiency and improve the quality of life, smart city technology in the hands of an authoritarian regime should raise safety concerns.

Telegram Rolls out Group Monitoring in Brazil Ahead of Elections

The spread of disinformation, especially revolving around elections, could threaten a country's democracy. To combat false content, Telegram has announced an aim to monitor content and create fact-checking channels.

A Look-Back and Ahead on Data Protection in Latin America and Spain

Explore data protection laws in Latin American countries and Spain, some of which are GDPR-inspired.

Latin American Data Privacy In 2020: What Should Employers Consider When Requesting Background Checks?

Learn about how various Latin American countries address data privacy.

The Battle for Communications Privacy in Latin America: 2021 in Review

Government surveillance is a problem in Latin American countries, emphasizing the importance of human rights and the need to increase safeguards.

Going Digital: Privacy & Cybersecurity in Latin America

Listen to a webcast on how Latin American governments and those in the private sector can protect digital privacy and improve cybersecurity.

What the North Korean Internet Really Looks Like

North Korea heavily restricts citizens' internet access. Read to learn what you may encounter on the North Korean internet.

North Korea, the Surveillance State

North Korea’s domestic internet, kwangmyong, only provides access to government approved websites. Additionally, phone, media, and communication activity are notoriously controlled.

North Koreans Want External Information, But Kim Jong-Un Seeks to Limit Access

The People's Republic of North Korea has established an information monopoly – Radio, television, cellphones, and media access are fully controlled by the president. This report focuses on the violation of internet freedom and details the techniques used to limit access to outside information.

How North Korea Used Crypto to Hack Its Way Through the Pandemic

North Korea’s economy has been heavily impacted by sanctions and the coronavirus pandemic, yet the nation continues to spend money. A key part of the mystery was figured out when North Korea was publicly accused of stealing millions of dollars in cryptocurrency to raise funds.

North Korea Cyber Threat Overview and Advisories

HIDDEN COBRA is the code name the U.S. Government uses in reference to the North Korean government’s malicious cyber activity. The North Korean government engages in cybercrime to collect intelligence, conduct attacks, and generate revenue.

One American Hacker Suddenly Took Down North Korea’s Internet—All Of It

In January 2022, an attack against North Korea resulted in a country wide internet blackout. Discover the motives behind the North Korean hack.

Global Survey on Internet Privacy and Freedom of Expression

Explore global challenges and opportunities and the legal and regulatory environment for privacy protection on the internet around the world.

The Era of Borderless Data Is Ending

As nations attempt to control digital data within their country or region, governments set new rules and standards in an attempt to gain “digital sovereignty.”

Edward Snowden: Leaks that Exposed US Spy Programme

Edward Snowden is a former CIA agent, who leaked details of the extensive internet and phone surveillance by American Intelligence. Leaked documents suggested that the National Security Agency (NSA) broke US privacy laws hundreds of times per year.

China’s COVID Surveillance State and Its Western Imitators

China, the world’s surveillance superpower, is often criticized by other nations for its authoritarian oversight. However, as COVID peaked, mass data collection and surveillance expanded globally.

Huawei Security Scandal: Everything You Need to Know

Huawei has recently joined the consumer smartphone market, now owning more than 16% of the industry. However, concerns have been sparked over Huawei's potential to be spying on behalf of the Chinese government.

Dark Web Carding Platform UniCC Shuts up Shop After Making Millions

This article explores UniCC, a Dark Web credit card fraud and identity theft platform. After generating over $358 million in fraudulent purchase revenue, UniCC announced its shut-down.

He Predicted the Dark Side of the Internet 30 Years ago. Why did no one Listen?

In 1994, Philip Agre predicted that computers would facilitate the mass collection of data. Additionally, Agre foresaw the authoritative misuse of facial recognition technology and foretold that artificial intelligence would be put to dark uses.

The Black Market for Data is on the Rise

The black market for data is a multi-billion dollar industry where stolen information is bought and traded. Read to learn about the factors contributing to the growth of the dark web and why decentralized storage may be a solution to combat the black market.

The Dark Web and Cybercrime

Learn about the dark web and review a case study.

College Closing Another Sad Milestone for Ransomware Impact

Lincoln College closed after 157 years due to financial challenges from a 2021 ransomware attack and the coronavirus pandemic.

What Prescott, Ariz., Learned 'Dodging a [Ransomware] Bullet

Even one weak password can give hackers an advantage to intrude an entire city’s network. A successful cyber attack could disrupt airport, finance, public safety, and utility city-operations.

Android Malware that Steals Passwords puts Billions of Users at Risk

ERMAC 2.0 is a malware that targets Android devices. ERMAC 2.0 spreads via fake sites and the malware works to harvest user data.

Researchers Demonstrate Ransomware for IoT Devices That Targets IT and OT Networks

Ransomware for IoT (R4IoT), is a new ransomware that targets an IoT device in an attempt to gain access to IT (information technology) and OT (operational technology) networks.

How Vulnerable Is U.S. Energy Infrastructure to Future Cyberattacks?

May 2021, the Colonial Pipeline shut down in response to a ransomware attack. As digital threats to energy infrastructure are becoming more frequent, why does cybersecurity regulation remains scarce?

SMS Trojan

SMS Trojan is malware that infects a mobile device and intercepts the SMS messaging system. Learn about SMS Trojans infection method and remediation steps.

Mobile Bank Trojan

Mobile Bank Trojan is a mobile banking malware that seeks to steal an individual's bank account credentials. Read to learn about Mobile Bank Trojan’s history, infection method, and remediation.

Now Cryptojacking Threatens Critical Infrastructure, Too

Cryptojacking was once confined to browsers, however, cybercriminals have now turned attention to the lucrative industrial networks. Learn how cryptojacking has become a threat to critical infrastructure.

IRS Phone Scammers Double up Their Efforts for the Holidays

The IRS phone scam is a common scam technique used by cyber criminals. This article includes an excerpt from a conversation with a fake IRS agent.

Ashley Madison Hack Returns To ‘Haunt’ Its Victims: 32 Million Users Now Watch And Wait

Sextortion campaigns are on the rise. The attack strategy is simple: spice up a threatening email with some personal details, then claim to have photos or videos which will be emailed to friends, family, and colleagues unless a bitcoin ransom is paid.

Money Mules, If It Looks to Good to be True...

Money mules receive stolen funds and transfer them to cybercriminals. Read to learn how money mule recruiters trick individuals into becoming money launderers.

Help Prevent Disaster Donation Scams from Causing More Misery

Disaster donation scams ploy on tragedy and sympathy to hoax individuals. This blog describes the social engineering involved in fake disaster donation scams and offers methods to avoid such scams.

Ellen DeGeneres Giveaway Scam Spreading on Social Media

The Ellen DeGeneres giveaway scam spread on social media in 2015. Read to learn about this celebrity scam and why it failed.

Social Engineering

Social Engineering is a method used by cybercriminals to get victims to breach security or disclose private information. Learn about the objectives of social engineering and the common types of online scams.

Scam Calls - How to Stop Them

A robocall is any telephone call that delivers a pre-recorded message with the intention of stealing identifiable or financial information. Read to learn about the main types of scam calls and solutions for avoiding robocalls.

T-Mobile Says Hack Exposed Personal Data of 40 Million People

A T-Mobile data breach exposed information including customers’ first and last names, social security numbers, driver’s license, and other information.

Attackers Can Use Electromagnetic Signals to Control Touchscreens Remotely

GhostTouch, is the first contactless cyber attack strategy. The strategy uses ‘electromagnetic interference to inject fake touch points into a touchscreen’ device.

DNA Testing Firm Data Breach Exposed Sensitive Information of More Than 2.1 Million People

A data breach associated with DNA Diagnostics Center (DDC), a national genetic and paternity testing organization, led to hackers accessing the personal information of more than 2.1 million people. While no genetic information was stolen and the breach was limited to the archived system, hackers accessed full names, social security numbers, credit and debit card numbers and CVV, financial account numbers, and the breached system’s password.

Hackers Can Now Trick USB Chargers To Destroy Your Devices -- This Is How It Works

Did you know that USB chargers are open to malicious compromise? Review how cyber criminals can take advantage of public chargers and install transmittable malware.

Russian Military Hackers — $10 Million Reward Offered By U.S.Government

Six Russian military hackers have been named by the U.S. Department of State as cybercriminals for their alleged involvement in computer fraud, aggravated identity theft, and other malicious cyber activity. Learn why the U.S. Department of State is willing to offer up to $10 million for information on these hackers.

One American Hacker Suddenly Took Down North Korea’s Internet—All Of It

In January 2022, an attack against North Korea resulted in a country wide internet blackout. Discover the motives behind the North Korean hack.

Google Warning: North Korean Hackers Breach Windows And Chrome Defenses To Attack Security Researchers

North Korean hackers have a new trick up their sleeves: posing as cybersecurity bloggers to attack reacherers in the field. Learn how the hackers created cybersecurity blogs, phished cyber researchers, and hoped to exploit them.

After This Week’s Hack, It Is Past Time for Twitter to End-to-End Encrypt Direct Messages

Hackers gained access to an internal admin tool and compromised high profile Twitter accounts (e.g. Elon Musk and Barack Obama). Learn how Twitter was at fault for this attack and how implementing end-to-end encryption could have safe guarded the social network company from the attack.

What Is Cryptocurrency Theft and How Does Crypto Theft Work

The astonishing return on cryptocurrency investment has lured cybercriminals into cryptocurrency theft. Learn about the forms of crypto theft and how antivirus software can prevent your crypto wallet from being hacked.

Why we can Expect More Hacking of Politicians’ Phones

There is no international legislation restricting spyware. Could this be a reason why discoveries of spyware on devices of politicians have become increasingly common? Explore the tradeoff between privacy and digital infrastructure.

Mass Unemployment Is a Field Day for Identity Thieves

Job applications enrich a company's database, making an attack increasingly attractive to hackers. It is critical to protect your personal information when job hunting.

What To Know About Identity Theft

Identity theft occurs when someone impermissibly uses your personal (e.g. name, address) or financial (e.g. credit card, bank account) information. Read to learn how to protect yourself against identity theft.

‘Tough to Forge’ Digital Driver’s Licenses Are — Yep — Easy to Forge

In 2019, the government of New South Wales switched to a digital driver's license (DDL). DDL allowed citizens to use their cellphones to show proof of identification during roadside police checks and at bars. In theory, DDL was innovative. In reality, the digital ID was a field day for identity scammers.

LifeLockCEO's Identity Stolen 13 Times

LifeLock’s CEO, Todd Davis, displayed his social security number on the company's advertisements. In an effort to exhibit LifeLock’s security, Davis has ironically been a victim of identity theft.

Children are Targets for ID Theft. Here’s What Parents Need to Know.

Learn about what child identity theft looks like and how it can be prevented.

Cyber Crime

The evolving cyber landscape has led the FBI to implement cyber solutions. Learn more about the FBI’s strategy and partnerships.

The Biggest Data Breach: ICCL Report on Scale of Real-Time Bidding Data Broadcasts in the U.S. and Europe

Real-Time Bidding (RTB) tracks what you are looking at and it records where you go. Every day it broadcasts data to a host of companies, enabling them to profile users. This report presents the scale of this data breach.

New York Man Sentenced to 4 Years in Transnational Cybercrime Scheme

Andrew Yang wants people to get paid for the data they create on big tech platforms through his Data Dividend Project, which establishes data as property rights under privacy laws like the California Consumer Privacy Act (CCPA).

How Cambridge Analytica Sparked the Great Privacy Awakening

Cambridge Analytica purchased Facebook data on tens of millions of Americans, without users’ knowledge, and used their likes to create personality profiles for the 2016 U.S. election. The scandal showed how data can be misused.

The Great Hack

Watch the trailer for a documentary film about the Cambridge Analytica data scandal.

US Lacks Full Picture of Ransomware Attacks, Senate Panel Finds

The ransomware economy is growing: attacks have become more frequent and ransom payments have reached the billions. Alarmingly, the U.S. government lacks understanding of ransomware attacks.

Northeast Ohio Cities Spend COVID Aid on Surveillance Cameras

Cities in Northeast Ohio spend millions of COVID-19 stimulus dollars on surveillance cameras for law enforcement, in an effort to fulfill various safety initiatives, yet critics argue that additional surveillance infringes upon civil rights in addition to questioning the efficacy of crime reduction.

Public Surveillance Cameras and Crime

Studies indicate that cameras can reduce crime, specifically property crimes and vehicle crimes in parking lots, yet gaps and inconsistencies remain in research. The current study analyzes different types of cameras and their impact on crimes and crime clearances.

A Viral Twitter Thread About Hidden Cameras in Philadelphia Airbnb Asks are Security Cameras Allowed Inside an Airbnb?

Official Airbnb policy allows the use of cameras and recording devices given that the devices are installed visibly and the camera use is disclosed. Many Airbnb consumers were not aware of security camera permission until a Twitter threat went viral.

Ring Neighbors Is the Best and Worst Neighborhood Watch App

Amazon’s Ring service comes packaged with Neighbors, a neighborhood watch app. While the Neighbors app may be beneficial in alerting towns of criminal dangers, the app has sparked controversy following a partnership with law enforcement agencies. Read to explore the controversy surrounding Amazon’s home surveillance service: Ring Neighbors.

NYPD Settles Lawsuit After Illegally Spying on Muslims

The New York City Police Department illegally spied on Muslims, prompting a lawsuit that was settled.

U.S. Marshals Used Drones to Spy on Black Lives Matter Protests in Washington D.C.

Documents indicate U.S. Marshals Service flew unmanned drones over Washington, D.C., when nationwide protests against police brutality in the wake of George Floyd’s murder were at their height.

U.S. Watched George Floyd Protests in 15 Cities Using Aerial Surveillance

The Department of Homeland Security deployed helicopters, airplanes and drones over 15 cities where demonstrators protested the death of George Floyd, logging at least 270 hours of surveillance.

Customs and Border Protection Is Flying a Predator Drone Over Minneapolis

Customs and Border Protection (CBP) flew a Predator drone over Minneapolis while protesters demonstrated against police brutality.

Drones are Taking to the Skies in the U.S.

The Federal Aviation Administration has increased efforts to license surveillance drones for law enforcement and other uses in U.S. airspace.

New Documents Reveal U.S. Marshals’ Drones Experiment, Underscoring Need for Government Transparency

The U.S. Marshals Service has experimented with using drones for domestic surveillance.

Networks of Control - A Report on Corporate Surveillance, Digital Tracking, Big Data & Privacy

A large number of companies engage in constant surveillance of the population without peoples’ knowledge, tracking, profiling, categorizing, rating, and collecting personal data.

A World With a Billion Cameras Watching You Is Just Around the Corner

Globally, more than 1 billion cameras are being used for surveillance purposes. The growth in the global security camera industry has triggered debate over the implications and regulation of mass surveillance.

Tim Cook Expects our Behavior to Change When we Feel 'Surveilled all the Time' by Tech: 'It Changes Society in a Major Way'

Apple’s CEO, Tim Cook, critiqued tech companies for monitoring user data, claiming that large scale surveillance could become a problem for society. Read to learn how surveillance could change the way humans behave and interact with one another.

Tech Tool Offers Police ‘Mass Surveillance on a Budget’

Local law enforcement agencies across the U.S. have been using a cellphone tracking tool to follow billions of people’s movements. Supporters claim the technology’s use can fill the gaps found in understaffed and underfunded police departments, while adversaries argue the digital tool violates the Fourth Amendment.

Corporate Surveillance in Everyday Life - How Companies Collect, Combine, Analyze, Trade, and Use Personal Data on Billions

Everyday lives of consumers are monitored and recorded. Pervasive digital tracking is used to make automated decisions and predictions about consumer behavior. Warning: your sensitive information is sold to promote corporate profitability!

The State Of Mass Surveillance

Learn about the state of mass surveillance by the U.S. government and where it could go in the future.

Edward Snowden, the NSA, and Mass Surveillance

In 2013, Edward Snowden gave journalists thousands of secret NSA documents, revealing mass surveillance of terrorist suspects and of innocent Americans. The leaks caused many people to criticize the previously secret NSA surveillance programs.

How Democracies Spy on Their Citizens

Pegasus, a spyware technology, has tools that extract the contacts of a phone, including texts and photos. The software has infiltrated the telephones of national leaders including Borris Johnson, the Prime Minister of the United Kingdom.

Should Companies Track Workers With Monitoring Technology?

Following the shift to remote work, employee monitoring technology has been adapted at an astonishing rate. Monitoring technology can capture the websites employees visit, their active and idle time, and even analyze employee facial expressions. This article features an excerpt of a conversation between three data-privacy experts, who discuss the privacy issues of employee monitoring technology.

China Uses AI Software to Improve its Surveillance Capabilities

Dozens of Chinese firms have built software that uses artificial intelligence (AI) to sort data collected on residents.

Facewatch: the Reality Behind the Marketing Discourse

Facewatch is a cloud based facial recognition system that strives to reduce shoplifting. Explore concerns over Facewatch’s controversial partnership with the police force.

Mobile Spyware

Mobile spyware is a hidden malware that steals information, records audio, takes pictures, and tracks device location. Read to learn about spyware’s infection method and device remediation.

Pegasus Spyware and Citizen Surveillance: What You Need to Know

Pegasus is a spyware software intended to help governments pursue criminals and terrorists. Learn how Pegasus software operates and how such tools could be misused.

Visual Surveillance Technology

Surveillance cameras (also known as Closed-Circuit Television [CCTV]) are the main technology behind facial recognition processes. This brief article explains CCTVs, their uses, and subsequent concerns.

The CDC Surveilled for Lockdown Compliance 

The COVID-19 containment plan included a population-wide lockdown. To enforce an isolation policy, the CDC bought expensive access to mobile phone location data.

FBI Conducted Potentially Millions of Searches of Americans’ Data Last Year, Report Says

The Federal Bureau of Investigation (FBI) performed potentially millions of searches of American electronic data last year without a warrant, raising concerns about government surveillance and privacy.

Cute Videos, but Little Evidence: Police say Amazon Ring isn't Much of a Crime Fighter

While Ring promises to “make neighborhoods safer,” an NBC News Investigation found little evidence to support the company’s claim.

FAQ: What You Need to Know About the NSA's Surveillance Programs

Explore what the NSA collects and how it obtains information.

The State of Privacy in Post-Snowden America

After the 2013 Snowden leaks about the NSA, Pew Research Center explored people’s views and behaviors related to privacy by examining how people perceived government surveillance and commercial transactions involving the collection of personal information.

The Top Secret Rules that Allow NSA to use US Data Without a Warrant

Documents submitted to the secret Foreign Intelligence Surveillance Court, known as Fisa court, revealed procedures that the NSA is required to follow to target non-US persons and minimize data collection from US persons.

Biometrics

Biometrics describes the data gathered from human characteristics. Biometrics could be physiological data like fingerprints, facial, and retina patterns, or behavioral, like voice and gait profiles. Recently, there has been a global uptake in the development of biometric programs, however, such developments have often sidelined the creation of legal frameworks to regulate biometric data.

Looking to the Future of Biometric Data Privacy Laws

Failure to secure and document informed consent to use biometric information has resulted in a wave of litigation in Illinois due to the Biometric Information Privacy Act (BIPA).

Hacking Our Identity: the Emerging Threats From Biometric Technology

Biometric authentication is used for digital security, law enforcement, employee identification, and more. This article probes the policy and security challenges that are arising as we adopt biometric technology.

Behavioral Biometric vs Physical Biometric: Complete Guide

Learn about the difference between behavioral biometrics and physical biometrics, and the advantages and disadvantages of each.

Facial Recognition

Facial recognition refers to a technology that collects and processes biometric facial data. This short article explains facial recognition, offers examples of how the system is used, and concludes with warnings surrounding the technology.

Facial Recognition Is Everywhere. Here’s What We Can Do About It.

Learn about facial recognition, including the history of it, arguments for and against it, the future of facial recognition and regulation, and privacy tips for using everyday things with facial recognition.

IRS Plan to Scan Your Face Prompts Anger in Congress, Confusion Among Taxpayers

The IRS has arranged for the digitization of identity verification. Starting summer 2022, tax-filers will be required to submit an identity self-scan inorder to access personal records.

Your Face Is, or Will Be, Your Boarding Pass

Airports, airlines, tech companies and government agencies are investing in biometric advancements, amidst the need for social distancing due to the pandemic. Not only does such technology verify identity, but it shortens security procedures for those who wish to utilize such technological features.

Texas Sues Meta Over Facebook’s Facial-Recognition Practices

The Texas attorney general sued Facebook over its use of facial-recognition technology. Attorney Ken Paxton claimed the technology violated state privacy protection policy for personal biometric data.

Facewatch: the Reality Behind the Marketing Discourse

Facewatch is a cloud based facial recognition system that strives to reduce shoplifting. Explore concerns over Facewatch’s controversial partnership with the police force.

Facial Recognition Overkill: How Deputies Cracked a $12 Shoplifting Case

Facial recognition helps authorities solve investigations in hours instead of days.

Facebook to Shut Down Facial Recognition in Photos, Videos

Facebook used a facial recognition system that automatically identified people in video and other content. However, the company was found to be wrongfully using the technology and after being sued by Illinois, the social-media platform shut down its user-tagging feature.

Ohio’s Controversial Facial-Recognition Database to get $21.4 Million Update, AG Dave Yost Says

Ohio is spending $21.4 million to revamp its controversial facial-recognition software to better identify suspects and missing persons by matching their photos with updated driver’s license and mug-shot pictures.

Hospitals Turn to Biometrics to Identify Patients

Record keeping is a challenge in hospitals, leading many medical centers to utilize biometric technology to correctly identify patients. Some ways in which hospitals are using biometrics is through iris and palm-vein scanning.

Hackers Claim ‘Any’ Smartphone Fingerprint Lock Can Be Broken In 20 Minutes

Security vulnerabilities have been identified in fingerprint scanning technologies. A Chinese security research team claims to be able to defeat fingerprint security within 20 minutes using inexpensive hardware and a mobile application.

Iris Recognition

Learn about how iris recognition works, what kinds of data are collected, who sells the technology, how law enforcement uses it, threats it poses, among other information.

Calling Your Bank? Be Prepared to Have Your Voice Biometrics Collected

The chances that you’ve had your voice’s unique biometric identifier recorded are high. JPMorgan Chase, Wells Fargo, Barclays, and U.S. Bancorp have all implemented biometric platforms to identify individuals via “voice print” authentication.

Huge Security Flaw Exposes Biometric Data of More Than a Million Users

Biostar 2 is a security system used globally to safeguard commercial buildings. In 2019, a system vulnerability led to a data breach. More than 1 million credentials, including biometric fingerprint identifiers were exposed.

FBI Must Not Sidestep Privacy Protections For Massive Collection of Biometric Data

The FBI has requested to be exempt from federal privacy provisions that protect individuals personal information from misuse and abuse. The Electronic Frontier Foundation calls for legislation that would allow individuals to learn what data the government has on them and how that information is used.

Behavioral Biometrics – Types, Use Cases, Benefits

Traditional authentication methods like PIN and password are becoming largely inefficient. Advanced authentication methods like behavioral biometrics are a potential solution. This post explores the different types of behavioral biometrics and their use cases.

Banks and Retailers Are Tracking How You Type, Swipe and Tap

Behavioral biometrics, such as the way you press, scroll and type, can be used by banks and merchants to collect data on customers and verify that the user is who they claim to be.

Gait Recognition System: Deep Dive into This Future Tech

Gait is a behavioral indicator used to identify a person based on their walk. Gait recognition systems observe characteristics like the human skeleton, silhouette, height, speed, and walking characteristics. Read to learn more about gait recognition, and the advantages and disadvantages of the technology.

The ‘Seductive Surveillance’ of Voice Recognition

The voice recognition and voice profiling industry is rapidly expanding, giving companies unprecedented insight into the behavior and habits of their consumers. This Q&A style report features Joseph Turows, an expert in the ad-tech industry.

Behavioral Biometrics and Biometrics in Payment Cards: Beyond the PIN and Password

With the cyber threat landscape growing and consumers becoming weary of endless password authentication methods, financial institutions have begun to assess biometric identification methods. Explore how biometric technology can enable banks to innovate online user authentication.

Can Behavioral Biometrics Change the Future of Cybersecurity?

There are several behavioral biometric approaches on the market including typing biometrics, voice recognition, signing pressure, and gait biometrics, yet they are currently not accurate enough to be used for verification.

Texas Sues Meta Over Facebook’s Facial-Recognition Practices

The Texas attorney general sued Facebook over its use of facial-recognition technology. Attorney Ken Paxton claimed the technology violated state privacy protection policy for personal biometric data.

Facebook’s Massive Crash Was a Wake-up Call. Don’t Let the Next Digital Crisis Catch You Unprepared

Facebook’s day-long crash revealed society's dependence on social platforms. The outage compromised marketing dependent businesses and posed connectivity risks.

Facebook Doesn’t Know What It Does With Your Data, Or Where It Goes: Leaked Document

Facebook has a fundamental problem, the company has no idea where its user data goes. According to a leaked internal document, Facebook privacy engineers admit to a lack of data control, and thus a struggle to respond to privacy policy commitments.

Could a Bank Deny Your Loan Based on Your Facebook Friends?

In August 2021, Facebook secured a U.S. patent allowing lenders to measure an individual’s creditworthiness based on a user's social networks. Will our Facebook friends soon be shaping our credit profiles?

Applied for Student Aid Online? Facebook Saw You

Any student who accessed the webpage “StudentAid.gov” after January 2022 may have had their personal information shared with Facebook. Learn how Facebook gathers data from external websites using Meta Pixel, a tracking technology.

Revealed: Facebook's Internal Rulebook on Sex, Terrorism and Violence

Facebook’s rules and guidelines for deciding what users can post on the site are revealed for the first time in a Guardian investigation, fueling debate about the ethics of the company, as many moderators have concerns about inconsistent policies.

Facebook (Still) Letting Housing Advertisers Exclude Users by Race

After ProPublica revealed that Facebook advertisers could target housing ads to whites only, the company announced it had built a system to spot and reject discriminatory ads, yet issues remain.

Facebook Executives Shut Down Efforts to Make the Site Less Divisive

Facebook executed an internal study in effort to understand how its platform shaped user behavior. The company concluded that its algorithms polarized users. Read to learn why Facebook no longer plans to combat platform divisiveness.

Facebook and Big Tobacco: Why Social Media Is (and Isn’t) Like Cigarettes

“Facebook is like Big Tobacco.” Members of congress seem to like this comparison, especially when describing social media’s impact on children. This video explores the similarities and differences Facebook shares with Big Tobacco.

All the Ways Facebook Tracks You — and How to Limit It

Facebook gathers a lot of data about you. This data is primarily used for ad-targeting. Learn how Facebook tracks you and the strategies you can implement to regain digital privacy.

Cambridge Analytica and Facebook: The Scandal and the Fallout So Far

Documents prove that Cambridge Analytica used data improperly obtained from Facebook to build voter profiles.

How to Find out What Facebook Knows About You

What does Facebook know about you? This tutorial walks you through the personal information Facebook has collected. For example, the platform knows your preferences, political alignment, and habits.

Google Allows Removing Personal Info from Search Results

Earlier this year, Google recognized that policy and identity protections need to evolve. The data giant has agreed to broaden the scope of content removal from Google Search.

Data Privacy Concerns with Google

Google collects and stores a plethora of data. This resource reviews Google’s history of data leaks, cookie usage, user tracking, and more.

Google Proposes a New Way to Track People Around the Web. Again.

Google makes up more than 60% of the web-browsing market. Subsequently, a large portion of Google’s revenue can be attributed to the ad-tech industry. Following backlash from privacy advocates, Google proposed a new way to track web browsing. Read to explore the pro’s and con’s of Google’s proposed system.

Chrome’s Incognito Mode Isn’t Private, So What’s the Point?

Unlike its name, Chrome’s Incognito Mode isn't really private. Read to learn why Incognito Mode does not fully enable private browsing.

How to Find out What Google Knows About you and Limit the Data it Collects

If you use Google products, such as Gmail and Google Search, your data is being collected. This resource enables you to see what data Google collects. Learn how Google keeps tabs on your location history, Youtube searches, Youtube watch history and more.

Google Hit With More Privacy Complaints for “Deceptive” Sign-up Process 

The Google sign up process is designed to allow data tracking. Consumer advocates and privacy regulators have argued against Google, calling for privacy friendly sign-up options.

Google Delays a Privacy Change to its Chrome Web Browser

Google intends to gradually block trackers, or cookies, from Chrome in mid-2023 and eliminate them altogether later that year.

Apple vs. Feds: Is iPhone Privacy a Basic Human Right?

Few corporations can steer away from the complex political and social issues of the day. This article examines the tech company Apple and how CEO Tim Cook championed customer data privacy.

Apple Adds 'BlastDoor' Security Feature to Fight iMessage Hacks

BlastDoor is a security service that will roll out with Apple’s iOS 14 update. The feature focuses on preventing zero-click, iMessage based hacks.

Apple Wants to End Passwords for Everything. Here’s How It Would Work

Passwords have been the online security standard, however, the use of passcodes poses many risks. To combat password insecurity, Apple plans to end passwords and replace them with passkeys. Passkeys include biometric authentication methods, security keys, or PINS.

Despite the Hype, iPhone Security is no Match for NSO Software

If you are an iPhone user, you may not be secure against malicious Pegasus installation. Pegasus spyware can collect emails, call records, sound recordings, and browsing histories. If you believe Apple products keep you safe from spyware, think again!

Apple's iOS15.2 is a Major Privacy Update That Lets you see how Apps are Tracking you. It's Very Bad News for Facebook

iOS 15.2 was rolled out in March of 2022. The headlined installment of Apple's update was its new privacy focused feature: App Privacy Reports.

The IDFA is Dead

To increase consumer privacy, Apple announced it would deprecate its Identifier for Advertisers (IDFA).

To Be Tracked or Not? Apple Is Now Giving Us the Choice.

iOS 14.5 includes a new privacy tool, App Tracking Transparency, which could give consumers more control over how data is shared.

Apple and Google Split with Startups Over Antitrust Bill

Big Tech opposes two two pieces of proposed legislation: The American Innovation and Choice Online Act, which prevents Big Tech from favoring their services over others, and the Open App Markets Act, which aims to promote competition on app stores.

How Apple and Google Formed One of Tech’s Most Powerful Partnerships

Apple and Google, two of the world's biggest companies, have formed a multi-billion dollar partnership. It is estimated that Google pays Apple $8-12 billion a year to make Google the default search engine of Apple devices. At the same time, 15-20% of Apple’s revenue comes from its deal with Google.

Apple's App Tracking Transparency Update Is Turning Out to Be the Worst-Case Scenario for Facebook

Apple’s transparency update enables users to opt out of tracking. When given a choice, most people choose not to have their personal data tracked. Read to learn why Facebook is troubled by Apple’s transparency update.

FCC Member Calls On Apple, Google to Banish TikTok

The Biden administration has decided to study TikTok and other foreign controlled apps to investigate potential national security risks. To the FCC, the president’s ordained investigation is not enough – The federal communication regulator calls on Apple and Google to remove TikTok from their app stores.

Facebook Takes the Gloves Off in Feud With Apple

Apple plans to start requiring iPhone owners to choose whether to allow companies to track them across different apps, yet the practice threatens Facebook as the company is reliant on it to target ads and charge advertisers more.

Amazon’s Ring Gave Surveillance Footage to Authorities 11 Times This Year Without User Consent

Amazon bought its doorbell division, Ring, for over $1 billion in 2018. Learn how Amazon’s home surveillance device has raised privacy concerns and how the e-commerce company has a data sharing history with law enforcement agencies.

Amazon Slams Amy Klobuchar’s Big Tech Bill While Monopoly Critics Slam Amazon

The American Innovation and Choice Online Act would prohibit Amazon from giving preference to their own products and limiting the availability of competing products, making the company oppose the bill and claim that the target of “self-preferencing” practices would cost them billions of dollars in fines. However, anti-monopoly advocates do not buy the company’s argument.

Thousands of Amazon Workers Listen to Alexa Users' Conversations

Amazon employs an Alexa voice review team, whose job is to listen and transcribe voice recording captured by Alexa. Read to learn how Amazon is addressing the privacy concerns around the Alexa voice review process.

Amazon Can’t Get Out of Big Tech’s Meeting Hell

Amazon is a tempting target for shareholder proposals and Amazon shareholders have valid reasons for discontent.

Amazon Says US Government Demands for Customer Data Went Up

According to Amazon’s transparency report, subpoenas and search warrants received by the government have increased. The data demanded by the government includes information collected from Echo, Kindle and Fire tablets, and inputs from Amazon’s home security devices.

How Do Big Tech Giants Make Their Billions?

Explore where Big Tech companies make their money, specifically how they generate revenue and how it breaks down.

Breaking Big Tech Bad

The American Innovation and Choice Online Act is a bill that targets Big Tech companies. While the need for tech regulation is widely agreed, the American Innovation and Choice Online Act will create more problems than it solves. Explore why WSJ authors are pessimistic about the bill.

Big Tech Is Pushing States to Pass Privacy Laws, and Yes, You Should Be Suspicious

Big Tech is pushing to pass friendly, watered-down state privacy bills to avoid greater protections.

Andrew Yang is Pushing Big Tech to Pay Users for Data

Andrew Yang wants people to get paid for the data they create on big tech platforms through his Data Dividend Project, which establishes data as property rights under privacy laws like the California Consumer Privacy Act (CCPA).

The ‘Capital of Silicon Valley’ Is Ignoring Its Privacy Experts

In response to privacy concerns, San Jose created its Digital Privacy Advisory Taskforce. However, a series of emails obtained by Motherboard allude to clashes between Silicon Valley’s technologists and privacy experts.

How Big Tech Turns Privacy Laws Into Privacy Theater

Big Tech whistleblowers are rare and many don’t realize how complicit they are in their employers’ efforts to undermine privacy.

Tim Cook Expects our Behavior to Change When we Feel 'Surveilled all the Time' by Tech: 'It Changes Society in a Major Way'

If you use Google products, such as Gmail and Google Search, your data is being collected. This resource enables you to see what data Google collects. Learn how Google keeps tabs on your location history, Youtube searches, Youtube watch history and more.

How to Protect Children From Big Tech Companies

Congress is considering various rules to regulate Big Tech. One proposed solution is to set an age limit on social media sites.

Big Tech Is Getting Clobbered on Wall Street. It’s a Good Time for Them.

Facebook, Apple, Amazon, Microsoft and Google are expected to emerge from a downturn stronger and more powerful in their respective markets.

Facebook Is Receiving Sensitive Medical Information from Hospital Websites

The Markup tested the websites of America’s top 100 hospitals. 33 of them contained a tracker, called the Meta Pixel. Meta Pixel, a tool created and owned by Facebook, collects patients' sensitive health information.

Health Insurers Are Vacuuming Up Details About You — And It Could Raise Your Rates

Health insurers have been merging information from data brokers with individuals' health histories to predict patient outcomes. Aggregated information is then used to assess risk and determine profit maximizing price plans.

Can the Private Sector Help Regulate Health Data Privacy?

Many companies in the health tech sector have lax privacy practices, leading a group of nonprofits to call for a self-regulatory project to guard patients’ data when it’s outside the health care system.

Three Emerging Risks and Regulations Affecting Fitness Trackers and Wearable Devices

The most extensive protection for personal health information is derived from the Health Insurance Portability and Accountability Act (HIPAA). HIPAA is not currently understood to apply to fitness wearable and such lack of clarity creates a gray area over the industry’s use of health information.

Fitness Wearables: Who's Tracking Who?

Fitness wearables collect an array of data including one's heart rate, sleep patterns, stress levels, location, and sexual activity. Users need to be more aware of how unprotected health data could facilitate identity theft, drive up insurance premiums, and affect job status.

Facebook and Anti-Abortion Clinics Are Collecting Highly Sensitive Info on Would Be Patients

Facebook's user tracking code, Meta Pixel, has been found on the websites of crisis pregnacy and abortion centers. Read to learn about the advertising incentives and privacy concerns of storing health data.

Millions of Americans' Medical Images and Data Are Available on the Internet. Anyone Can Take a Peek

Medical images, including X-rays, MRIs and CT scans, and health data belonging to millions of Americans, are unprotected on the internet and available to anyone with basic computer expertise.

Congress is Finally Taking Medical Cybersecurity Seriously

Internet connected medical devices are often targeted by hackers, leaving both patient data and health in danger. In April 2022, senators proposed a new bill that would require the FDA to issue medical device security guidelines.

IDX's CEO Tom Kelly Talks Cybercrime and Health Organizations

Medical data transferred from a physician to a mobile app is no longer protected by HIPPA. IDX CEO, Tom Kelly, issues warnings and offers practical solutions to individuals who use mobile health apps.

Defending the Healthcare Security Landscape in the Age of Connected Devices

The average U.S. hospital bed contains 10 to 15 internet-connected devices and the medical device market is expected to grow. As the number of connected medical devices expands, hackers gain an increased attack surface. Read to learn how medical providers, device manufacturers, and regulators can work together to ensure the safety of medical devices.

FBI Blocked Planned Cyberattack on Children’s Hospital, Director Says

Iranian hackers planned a cyberattack on Boston Children's Hospital. The attack was thwarted, thanks to a partnership between the hospital and the FBI.

Medical Device Cybersecurity: What You Need to Know

Most medical devices connect to hospital networks, cell phones, or other devices to share information.  As intertnet-connected devices become more widespread, it has become imperative to implement medical device cyber security. Learn about some tips from the Food and Drug Administration (FDA) to protect your device and personal information.

Congress is Finally Taking Medical Cybersecurity Seriously

A new bill proposed by Sens. Jacky Rosen (D-Nev.) and Todd Young (R-Ind.) would require the Food and Drug Administration (FDA) to issue cybersecurity guidelines more regularly and share information about vulnerable devices on its website, following concerns on the vulnerabilities of medical devices to cyberattacks.

Federal Patient Privacy Law Does Not Cover Most Period-Tracking Apps

The Health Insurance Portability and Accountability Act (HIPAA), a federal patient privacy policy, has not kept up with technological advancements. For instance, HIPAA does not cover health care apps, fitness trackers, or at home-tests.

Internet History, Texts, and Location Data Could all be Used as Criminal Evidence in States Where Abortion Becomes Illegal Post-Roe, Digital Rights Advocates Warn

With Roe v. Wade overturned, concerns over digital privacy and data safety have amplified. Such concerns are not without reason as law enforcement could use one's location data and browsing history as evidence.

Search Histories, Location Data, Text Messages: How Personal Data Could be Used to Enforce Anti-Abortion Laws

Following the ruling to overturn Roe v. Wade, digital rights experts warn that search histories, location data, messages and other digital information could be used by law enforcement agencies investigating or prosecuting abortion-related cases.

With Roe v. Wade Overturned, Your Abortion Searches Could Be Used to Prosecute You

Out of the top 20 websites used for online aboriton pill purchase, 17 used unencrypted, non-secure, HTTP. This statistic sheds light to the ease of accessing online personal data concerning aboriton. Now that Roe v. Wade is overturned, such information can be demanded by law enforcement agencies to enforce anti-abortion laws.

Roe v. Wade Overturned: Here's how Tech Companies and Internet Users can Protect Privacy

The Supreme Court's decision to overturn Roe v. Wade raises questions about whether and how tech companies should protect the information of users seeking reproductive health care.

These Period Tracker Apps Say They Put Privacy First. Here’s What We Found.

Four period tracking apps, Drip, Euki, Lady Cycle, and Periodical, were evaluated on the basis of user security. CR’s Digital Lab tested how well products and services protected consumer privacy. With concerns growing over reproductive health privacy, period tracking apps are under pressure to improve privacy policies.

The US Urgently Needs New Genetic Privacy Laws

DNA data laws are filled with loopholes, yet people continue to put their DNA on the internet, creating the need for new genetic privacy laws.

It’s Too Late to Protect Your Genetic Privacy. The Math Explaining Why.

The centiMorgan (cM) measures how much DNA we share with others, specifically the length of identical segments that two people share due to descent from a common ancestor. This makes it possible to be tracked down without ever personally submitting DNA.

5 Biggest Risks of Sharing Your DNA With Consumer Genetic-Testing Companies

Genetic testing companies, like Veritas Genetics, Ancestry and 23andMe, come with privacy risks that are not well understood by consumers.

The Privacy Problems of Direct-to-Consumer Genetic Testing

An investigation by Consumer Reports found that direct-to-consumer genetic testing companies employ policies and practices that may unnecessarily compromise consumers’ privacy. While these companies do a relatively decent job of protecting DNA data, the many types of non-DNA data they gather are not treated with the same care.

DNA Testing Firm Data Breach Exposed Sensitive Information of More Than 2.1 Million People

A data breach associated with DNA Diagnostics Center (DDC), a national genetic and paternity testing organization, led to hackers accessing the personal information of more than 2.1 million people. While no genetic information was stolen and the breach was limited to the archived system, hackers accessed full names, social security numbers, credit and debit card numbers and CVV, financial account numbers, and the breached system’s password.

A DNA Site Helped Authorities Crack the Golden State Killer Case. Here’s What You Should Know About Your Genetic Data Privacy

Investigators used GEDmatch to pinpoint and arrest the Golden State Killer, yet many consumers utilize genetic testing companies without fully understanding the issue of genetic privacy.

Covid-19 Vaccines Are Coming — So Are Hackers

Cybercriminals have discovered a massive profit opportunity in the midst of COVID-19. During the pandemic, hackers have targeted the vaccine distribution and supply chain.

So This Is What Vaccine Passports Were Leading To

During the pandemic, a plethora of digital tools were introduced, each embedded with questionable data collection features. A YouTuber accepted the controversial tools (e.g. tracking apps) under the guise of COVID-19. Watch to learn how the government used and abused its citizens' personal data.

Telehealth: A Quarter-Trillion-Dollar Post-COVID-19 Reality?

Explore how the increase in telehealth usage has remained relatively stable since June 2020.

How the Pandemic has Exacerbated Online Privacy Threats

Due to COVID-19, many individuals were forced to engage in online work, education, and activities, leading to increased tracking and data sharing with third parties.

How Americans See Digital Privacy Issues Amid the COVID-19 Outbreak

During the coronavirus outbreak, Pew Research Center surveyed Americans on their views related to privacy, personal data, and digital surveillance. Explore 10 takeaways from the research.

Open Science Sessions: How Flawed Data has Driven the Narrative

Norman Fenton is a Profession of Risk Management and specializes in risk management for critical systems. In this presentation, Dr. Fenton discusses the probabilistic models used during the COVID pandemic, and how those models inaccurately presented COVID data to the general public.

Police Deploy 'Pandemic Drone' to Detect Fevers and Enforce Social Distancing

In mid 2020, Connecticut police announced the use of “Pandemic Drones,” used to monitor the enforcement of covid rules. The drones were able to enforce social distancing and detect respiratory abnormalities.

Yes, Your Personal Information Is for Sale. Here’s What to Do About It

Data brokers are sites that legally gather and sell your information. These sites use automated software to harvest information from tech companies, telecommunication providers, credit bureaus, tax records, court records, and other public sources. Your personal data is then unified and sold at a listing price of $20.

A Data Broker Offers a Peek Behind the Curtain

The Acxiom Corporation, a marketing technology company that has collected details on many adults in the United States, released a free website where consumers can view some of the information the company has collected about them.

Data Brokers Know Where You Are — and Want to Sell That Intel

Data brokers, among selling other sensitive consumer information, have begun selling real-time location data. Information on the number of times and duration an individual visited a location can be purchased for a small fee or no cost at all. Read to learn how private companies intimately track American’s daily lives.

How to Keep Your Data From Brokers and Marketers

Privacy Rights Clearinghouse estimates that there are over 500 data brokers in the U.S. With a vast number of companies collecting and selling your personal information, it is crucial to combat data tracking. Explore how you can keep your data from brokers.

Everything We Know About What Data Brokers Know About You

Explore what we know and do not know about the consumer data industry, including how much companies know about individuals, where they get the information, buying and selling limits, and other findings.

How to Wrestle Your Data From Data Brokers, Silicon Valley — and Cambridge Analytica

Learn how you can obtain your data from Cambridge Analytica, ALC Digital, Facebook, Google, Experian, Epsilon, and Oracle, as well as what you may receive from each company.

Data Brokers: Last Week Tonight with John Oliver

The multibillion-dollar data broker industry collects your personal data and resells it to others. This unregulated, invasive industry has been mediating surveillance capitalism.

Here are the Data Brokers Quietly Buying and Selling Your Personal Information

The new Vermont law requires companies who buy and sell third-party data to register with the Secretary of State. The law has revealed 120 U.S. based data brokers.

Data Broker Profile: Timeline Example of Abuses

Data brokers have histories of breaches, hacks, and privacy complaints. This resource provides a timeline of activities and abuses of data brokers from 2000-2018.

Oracle

Oracle is a preeminent databroker who specializes in marketing and ad-targeting. This research tool introduces the broker, and provides crosslinks to explore related news and updates.

Acxiom

Acxiom is a marketing broker who aggregates and links consumers information to provide highly personalized ads. This research tool introduces Acxiom and provides an overview of the company's activities.

Equifax Says Cyberattack May Have Affected 143 Million in the U.S.

Equifax endured a cyberattack where hackers gained access to information including social security numbers, driver’s license numbers, names, birth dates, and addresses.

Acxiom, the Quiet Giant of Consumer Database Marketing

In 2012, more than 23,000 computer servers were collecting, collating, and analyzing consumer data for the Acxiom Corporation. The company has amassed a large commercial database on consumers, collecting data points on individuals.

After Breach, Companies Warn of E-Mail Fraud

An Epsilon breach exposed the e-mail addresses, and some names, of customers of some of the largest companies in the country.

The Little-Known Data Broker Industry Is Spending Big Bucks Lobbying Congress

Collectively, data broker spending on lobbying in 2020 rivaled the spending of individual Big Tech firms like Facebook and Google. This article explores how the data broker industry is spending money on lobbying, often in an attempt to avoid data security and privacy regulation.

The Real Problem Wasn’t Cambridge Analytica, But The Data Brokers That Outlived It

Cambridge Analytica was a political consulting firm that got caught in a scandal for misusing millions of users’ Facebook data. This post argues Cambridge Analytica failed to produce a proper legislative repose. Personal data is continuously exploited by data brokers who are hardly regulated.

Time to Build a National Data Broker Registry

Jordan Abbott, chief data ethics officer for Acxiom, believes that until the United States has a national privacy law, a national data broker registry should be implemented to help consumers differentiate good data actors and bad ones.

Data Brokers Are a Threat to Democracy

Federal privacy bills don't give sufficient attention to data brokers. This opinion piece claims data brokers are the “middlemen of surveillance capitalism” and a threat to democracy. Read to learn how data brokers purchase, aggregate, and repackage sensitive data, with virtually no restrictions.

Congress to Investigate Data Brokers and Period Tracking Apps

After Motherboard’s findings that data firms were offering information pertaining to visitors of Planned Parenthood abortion clinics, the House Oversight Committee began investigating the privacy of reproductive health data and demanding more information from data brokers and companies that manage period tracking apps.

Analysis: Vermont's Data Broker Regulation

Following the 2017 data breach of Equifax, Vermont enacted an unprecedented bill to regulate data brokers. Read to learn how Vermont’s regulation strives to improve consumer data protection.

Intel Executive: Rein In Data Brokers

Given how quickly personal data can be spread, sold, and shared, David Hoffman, associate general counsel and global privacy officer at Intel Corporation, advocates for congress to pass comprehensive federal privacy legislation to protect the privacy of individuals.

99% of Executives Listed on More Than Three-Dozen Data Broker Websites

Data brokers pose problems to individuals and businesses alike. For starters, a leaked IP address could lead to network eavesdropping and communications hijacking.

How Data Brokers Threaten Your Privacy

Learn about what a data broker does and how they are legal.

Data Brokers: A Call For Transparency and Accountability

For decades, policy makers have expressed concern over the lack of transparency in the data broker industry. In this report, the Federal Trade Commission conducts an in-depth study of nine brokers and their practices.

Twelve Million Phones, One Dataset, Zero Privacy

A dataset revealed more than 50 billion location pings from the phones of more than 12 million Americans, with each piece of information illuminating the precise location of a smartphone. This information was alarming to many as the findings could easily be abused.

Data Brokers and Sensitive Data on U.S. Individuals

This report examines 10 major data brokers and the data they hold on individuals, as well as addresses the policy implications for the United States.

All the Ways Spotify Tracks You — and How to Stop It

Everything you do on Spotify is tracked: every tap, track played, playlist created, and podcast listened to is fed to the app's big data machine.

Targeting on Ad Studio

Learn how Spotify Targets and delivers real-time advertisements.

Spotify and Tinder Need to Stop Being Creepy With Customer Data

Big tech is using personal data to creep on you. Learn how Tinder tracks your casual encounters, how Netflix analyzes your viewing trends, and how Spotify is creating increasingly targeted advertisements.

WPP’s Data Alliance Partners With Spotify

Spotify provides a unique data set for the marketing industry. For starters, musical attributes can be used to predict an individual's mood, resulting in the deliverance of more relevant ad targeting.

A Bigger Picture on Elon & Twitter

Unlike other social platforms, Twitter is a place where politics and journalism live. Journalists and the media have large control over what people are feeling, thinking, and believing. While many consider Twitter solely as a platform for free speech, the app also has large control over the political and democratic landscape. Tune in to this episode of Your Undivided Attention to learn about the risks and opportunities Elon Musk faces as the new Twitter owner.

Elon Musk Says He Will Encrypt Twitter 2.0 Messages To Stop Spying

Elon Musk claims he will introduce end-to-end encryption for Twitter's direct message feature. While encryption is a step in the right direction, even when encoded, messages will not be 100% private.

Twitter Has a New Owner. Here’s What He Should Do.

When you send a direct message on Twitter, three people have access to that message: you, the recipient, and Twitter itself. Elon Musk plans to implement end-to-end encryption, disabling Twitter from accessing your private messages. Read to learn more about Musk’s plans and if experts agree with his platform renovation ideas.

After This Week’s Hack, It Is Past Time for Twitter to End-to-End Encrypt Direct Messages

Hackers gained access to an internal admin tool and compromised high profile Twitter accounts (e.g. Elon Musk and Barack Obama). Learn how Twitter was at fault for this attack and how implementing end-to-end encryption could have safe guarded the social network company from the attack.

Twitter Settings Changes That'll Help Keep Your Data Private

Learn about a few tweaks that you can make to stop Twitter from sharing your information.

TikTok Faces Scrutiny in State Attorneys General Probe of Online Harms to Children

TikTok has an estimated 90 million U.S. users, many of whom are children. A coalition of state attorneys general are launching an investigation into TikTok to examine the psychological effects on young users.

U.S. Moving — Some Say Too Slowly — to Address TikTok Security Risk

The Biden Administration ordered a review of apps controlled by foreign adversaries. Of the apps reviewed, TikTok was highly scrutinized. Read to learn why TikTok was flagged as a security threat and what government officials are doing to address the data security problem.

Investigation: How TikTok's Algorithm Figures Out Your Deepest Desires

A Wall Street Journal investigation sought to uncover the processes that enables TikTok’s addictive algorithm. The analysis revealed that amount of time one lingers over a piece of content is the largest determinant of user engagement.

How the U.S-China Fight for TikTok Further Fractures the Internet

TikTok was labeled a national security threat by former President Donald Trump. While TikTok’s parent company is independent from the Chinese government, fears arose over the possibility that TikTok will be forced to share user data.

Parents of Two Children Sue TikTok After Alleging They Died From Doing ‘Blackout Challenge’

TikTok, the highly scrutinized social media app, faces yet another lawsuit. Two parents filed suit alleging the company’s algorithm motivated minors to participate in the deadly ‘blackout challenge’.

TikTok Videos Show What It’s Like Living With Dementia, and Raise Privacy Questions

Dementia-related hashtags have accumulated billions of views on TikTok, and are part of a growing category of posts related to medical conditions and disorders. The goal of these posts is to raise awareness and reduce stigma, yet controversy remains. There is debate about privacy and consent when caretakers post videos of those with dementia, at times when they are confused or acting out, to offer tips, provide education, vent frustrations, and find support online without permission of the individual battling the condition.

Grindr User Data Was Sold Through Ad Network

Since 2017, Grinder has been collecting and selling user location data. In 2020, the dating app ceded sharing user information with ad partners.

How Safe is Online Dating? Data Privacy in Dating Apps

How safe is a user's personal data when provided to online dating sites? This article examines the types of demographic data collected by online dating apps, the associated privacy struggles, and suggested security improvements.

Tinder and OkCupid Could Soon Let You Background Check Your Date — for a Price

Match Group, which owns Tinder, Hinge, Match.com, OkCupid, PlentyofFish and others, is investing in Garbo, a startup that helps app users conduct background checks on prospective dates.

The Teens Slipping Through the Cracks on Dating Apps

While online dating is a common way for adults to find new relationships, the ease with which underage users can create profiles remains largely unaddressed, allowing many to lie about their birthday and begin interacting with others.

Shedding More Light on How Instagram Works

Instagram uses a variety of algorithms to rank content. Each part of the app; feed, explore, and reels, are ranked based on user generated signals and statistical predictions. This post sheds light on how Instagram’s technology works.

Instagram Amid Rising Privacy Concerns is Working on a Cookies Data Permissions Section

Following rising privacy concerns, Instagram started to make cookies more user controllable. The social media platform plans to provide users with a cookies privacy section.

How to Protect Your Privacy on Instagram

An Instagram profile reveals an abundance of personal details. This article offers tips and tricks to protect your privacy on Instagram.

Instagram Vulnerability Allowed Hackers Access to Control Your Phone

A critical vulnerability was found in Instagram's code that allowed hackers to gain control of a user's social media account and mobile device. Read to learn how this vulnerability works and how to stay safe on Instagram.

Instagram Privacy Policy: What You Should Know?

Like most social media apps, Instagram makes money through advertising. Learn how Instagram uses your data for ad-targeting and the strategies you can implement to limit the platform's data collection.

Instagram Fumbles in Its Moderation of Abortion Content

Instagram has labeled several posts about aboortion rights as sensitive content. Following the censorship of abortion realted information, questions concerning the platform’s content moderation algorithm arose.

Learn All About Snapchat’s Privacy Policy

Snapchat is a mobile app used for chatting and video. This post analyzes Snapchat's privacy policy and proposes user data control strategies.

Is Snapchat Privacy-Friendly? [Analysis]

Snapchat gained its popularity through its “disappearing” photos feature. From the margins, this feature may allude to user privacy. In reality, snap memories are saved on Snapchat’s servers and deleted snapchats can easily be recovered.

Secret Service Chief James Murray Leaving Agency for Snapchat

Secret Service Director James Murray stepped down from his position and accepted a job as the chief security officer for Snap Inc., the owner of Snapchat.

The Human Problem at the Heart of Snapchat’s Employee Data Breach

A Snapchat data breach exposed payroll information, social security numbers, and names of roughly 700 employees. The attacker posed as the company’s chief executive and tricked an employee into emailing the sensitive information.

A Phishing Attack Scored Credentials for More Than 50,000 Snapchat Users

Thousands of Snapchat account credentials were available on a public website during a phishing attack that impacted over 55,000 accounts. The attack relied on a link sent to users that, when clicked, opened a website that mimicked the social media company’s login screen.

Violent but Vague: Videos Like Those Linked to Highland Park Shooting Suspect Lost in Firehose of YouTube Content.

Following the mass shooting in Highland Park, Illinois, concerns about tech companies’ moderation efforts rise, especially since the shooter posted violent content on YouTube and other platforms prior to carrying out the massacre.

How Facebook Undermines Privacy Protections for Its 2 Billion WhatsApp Users

Despite Mark Zuckerberg’s assurance of secure WhatsApp messages, WhatsApp has more than 1,000 contract workers in Austin, Texas, Dublin and Singapore sifting through millions of private messages, images, and videos.

As Young Gunmen Turn Toward New Social Networks, Old Safeguards Fail

The gunmen from the Uvalde and Brooklyn shootings used a combination of apps including Snapchat, Instagram, Discord, and Yubo to meet people and share violent plans. These apps, designed to keep communication more-private, are ill-equipped to police such content.

Alasdair Allan: The Coming Privacy Crisis on the Internet of Things | TED Talk

The content on the internet appears to be free. It’s not! We pay for it with our data. The Internet of Things consists of devices, like smart-phones and watches, that collect and sell our sensitive data.

What Is the Internet of Things (IoT)?

The Internet of Things allows connection to everyday objects: devices include kitchen appliances, cars, thermostats, and baby monitors. Learn about IoT and its industry-wide applications.

IoT's Importance is Growing Rapidly, But Its Security Is Still Weak

Unmanaged IoT devices are growing in number, creating an extended attack surface. As the attraction of IoT devices remains authentic, there is a pressing need to tighten device security. Read to learn about the risks of insecure IoT devices and the rewards to implementing IoT protection strategies.

Main Challenges of Implementing IoT Security Standards

Generic security protocols have been failing to secure IoT devices. This post describes the common problems associated with implementing IoT security standards and calls for an overarching system of regulations.

How Blockchain Will Solve Some of IoT's Biggest Security Problems

A blockchain is a series of distributed data records that are linked together to become an immutable digital ledger. As the number of IoT devices are forecasted to grow exponential, blockchain technology can provide much needed device security.

Three Emerging Risks and Regulations Affecting Fitness Trackers and Wearable Devices

The most extensive protection for personal health information is derived from the Health Insurance Portability and Accountability Act (HIPAA). HIPAA is not currently understood to apply to fitness wearable and such lack of clarity creates a gray area over the industry’s use of health information.

Every Consumer IoT Device Should be Free

Smart devices, or IoT devices, are becoming more common and providing retailers with another data access point. Learn how IoT providers benefit from the influx of IoT generated user data, yet consumers pay for the device and risk losing sensitive data.

Alexa has Been Eavesdropping on You This Whole Time

Amazon keeps a copy of everything Alexa records after it hears its name.

Skill Squatting: The Next Consumer IoT Nightmare?

Smart speakers rely on voice commands to perform a task. Skill squatting occurs when bad actors expose users to risks by redirecting commands to malicious gateways. These malicious re-routes can grant hackers access to password information or a home network.

Peloton’s Leaky API let Anyone Grab Riders’ Private Account Data

Peloton is an exercise media and equipment company with more than 3 million subscribers. In 2021, a system bug exposed users' private data including a person's age, gender, city, weight, and workout history.

Fitness Wearables: Who's Tracking Who?

Fitness wearables collect an array of data including one's heart rate, sleep patterns, stress levels, location, and sexual activity. Users need to be more aware of how unprotected health data could facilitate identity theft, drive up insurance premiums, and affect job status.

What Is the Metaverse, Exactly?

Meta and Microsoft are building technology to enable the metaverse. While the idea of a metaverse has been popular among tech companies, the constitutions of an immersive internet are largely vague and undefined. Read to learn what a metaverse is and what tech giants predict the metaverse will become.

Metaverse: Open for Business?

The metaverse has gone mainstream and has a wide range of use cases from the consumer-facing level to the enterprise setting. This review details how different industry sectors envision the metaverse.

The Metaverse in 2040

The Pew Research Center surveyed technology experts, asking their opinion about the trajectory and impact of the metaverse by 2040.

Privacy Unlikely in VR Spaces

Digital rights advocates have sounded the privacy alarm following Big Tech’s plan to create immersive VR spaces. In a metaverse future, tech companies profit off of expanded data collection capabilities. VR headsets collect more data about us than traditional screens.

U.S. vs. China: The Rules and Design Shaping the Metaverse

The transition to the metaverse is expected to be more complication in China than the U.S. While the U.S. has loose tech regulation, China has established subcommittee to create specific standards for the metaverse.

What Is the Metaverse's Future in K-12 and Higher Ed?

The Business Research Company projects the Augmented Reality/Virtual Reality (AR/VR) education-technology market to reach $32 billion by 2026. K-12 schools and universities have already adopted AR/VR tools for hands-on science courses, career exploration, and skill development operations.

Is There Privacy of Data in Smart Cities?

Smart city technology has opened up endless possibilities for surveillance monitoring. This report overviews the positive and negative aspects of big data and smart cities. When considering both benefits and downfalls, one thing remains clear: data privacy must remain central in policy making as the world transitions to smart cities.

Toronto Wants to Kill the Smart City Forever

In 2017, Toronto confirmed a smart city renovation guided by Sidewalk Labs, a Google owned urban development firm. However, the smart city plan failed. Experts argue that the city wasn't ready for a data rich future. Toronto’s residents could not tolerate private-sector control of their municipality.

Are Privacy Concerns Halting Smart Cities Indefinitely?

When creating digitally smarter cities, personal data privacy is often bypassed. This article considers arguments for and against creating smart, yet, privacy lacking cities.

We Need Smarter Cities Not Smart Cities

The term 'smart city,' has become synonymous with high-tech urbanization. This review calls for a more expansive concept of smart cities – a definition that encompasses a wide range of urban innovation and considers the interplay between the community, local government, and the private sector.

Redefining Smart Cities with Cloud Technologies

Cloud technologies play a central role in smart government applications. Smart cities integrate data, analytics, and security to produce beneficial business insights.

Securing Autonomous Vehicles Paves the Way for Smart Cities

Discussions of adopting autonomous vehicles (etc; the mass development and production of self-driving cars) have become more and more common. The advocates of personal use, autonomous vehicles, often ignore vehicle security, congestion, and emission issues. On the other hand, critics claim self-driving cars would be impractical in a city environment, especially following estimates of sustained population growth.

What Is The Artificial Intelligence Of Things? When AI Meets IoT

When artificial intelligence is added to the Internet of Things, you get the artificial intelligence of things (AIoT). AIoT allows devices to analyze data and make decisions without human involvement.

The EU AI Act: What you Need to Know, How to Improve It

The European Union wants to regulate artificial intelligence through the EU AI Act. Listen in on a conversation with Mozilla Foundation's Executive Director Mark Surman, as he describes the key facts of the EU AI Act.

The 7 Biggest Artificial Intelligence (AI) Trends In 2022

According to Google’s CEO, AI will have a greater impact on society than fire or electricity. Explore 7 AI trends that have been transforming technology in 2022.

Artificial Intelligence And Data Privacy – Turning A Risk Into A Benefit

Businesses love big data. When big data is fed to AI systems, companies gain unprecedented insights into their customer base. However, without a strong AI privacy policy, businesses can face significant financial loss and risk a company reputation.

Kira on GPT-3’s Pros + Cons – Privacy Is An Issue

GPT-3 is a language model that relies on algorithms to read and produce text. This article overview GPT-3, its strengths, and privacy weaknesses.

Privacy Framework

The National Institute of Standards and Technology (NIST) seeks to enable better privacy engineering practices that support privacy by design. Explore NIST’s Privacy Framework, a tool for improving privacy through enterprise risk management.

Privacy Not Included

Interested in buying a smart device? Recently downloaded a mobile app? Mozilla’s Privacy Not Included will generate a privacy report to aid your purchase decision making.

US State Privacy Legislation Tracker

Explore a tool that tracks proposed and enacted comprehensive privacy bills.

2022 State Privacy Law Tracker: A Comprehensive Resource for Tracking U.S. State Privacy Legislation

Explore a state-by-state interactive map that tracks privacy legislation in the U.S.

2022 Consumer Privacy Legislation

Explore consumer privacy legislation across the United States.

Trackers Ranks

This interactive site explores the top 902 most prevalent web trackers.

Blacklight

This resource is an interactive website privacy tracker. Enter in a link and see which user-tracking technologies are hosted on the site.

IT Governance Free Downloadable Green Papers

IT Governance has created a series of green papers to help organizations acknowledge incoming cyber threats, craft protective cybersecurity solutions, and comply with legal and industry regulations. Explore the green papers related to cyber security, data protection, security testing, and more.

Have I Been Pwned?

A breach is an incident that exposes confidential, sensitive, or protected information to the public. Enter an email address or phone number and discover if your data has been exposed.

How to Find out What Google Knows About You and Limit the Data it Collects

If you use Google products, such as Gmail and Google Search, your data is being collected. This resource enables you to see what data Google collects. Learn how Google keeps tabs on your location history, YouTube searches, YouTube watch history, and more.

How to Find out What Facebook Knows About You

What does Facebook know about you? This tutorial walks you through the personal information Facebook has collected. For example, the platform knows your preferences, political alignment, and habits.

Google Ad Settings, Ad personalization

Google personalizes ads based on your personal information, data from third-party adversitizers, and search history. Explore the categories Google has created concerning you.

The Data Informed Institution

Changes in demographics, technology, student needs, and budgetary pressures have directed the education industry to digital transformation. Learn how the educational environment can use data to adapt to change.

Foundation

The Mozilla foundation works to ensure internet accessibility and availability. Within this goal, Mozilla seeks to improve internet health and build trustworth AI systems. This page documents Moziall’s current movement.

Half of Americans Have Decided Not to Use a Product or Service Because of Privacy Concerns

52% of Americans have decided not to use a product of service due to privacy concerns. This report provides statistics encapsulating the American view of privacy and surveillance by companies and governments.

Social Media Use in 2021

A majority of Americans report using YouTube and Facebook, while adults under 30 years old more commonly use Instagram, Snapchat and TikTok.

Using Smartphones to Collect Behavioral Data in Psychological Science: Opportunities, Practical Considerations, and Challenges

Smartphones can unobtrusively collect behavioral data including data pertaining to social interactions, daily activities, and mobility patterns.

Teens, Social Media and Technology 2018

Explore the change in the most popular online platform amongst teens and the mixed views youth have on the impact of social media on their lives.

Mobile Fact Sheet

Explore the patterns and trends of mobile ownership and dependency.

Case Studies in Government Digital Identity

Governments, banks and other enterprises are using iProov’s biometric identity authentication to verify individuals.

Trellix Threat Labs Research Report

The Trellix Threat Labs Research Report analyzes cyberattacks and threats, including ransomware and those that target Ukraine.

Security Report 2019/2020

Explore the increasing malware rates.

These Companies Have the Best (And Worst) Privacy Policies

The Center for Plain Language ranked privacy policies on how easily they could be understood; those that ranked higher avoided jargon and confusing sentence structure, and were clearly organized.

We Read 150 Privacy Policies. They Were an Incomprehensible Disaster.

The length and readability of privacy policies from about 150 websites and apps were assessed using the Lexile test, revealing that most privacy policies exceed the college reading level.

Americans’ Attitudes and Experiences With Privacy Policies and Laws

97% of Americans say they have been asked to agree to a company's privacy policy, yet relatively few report reading and understanding these policies. This report by the Pew Research Center explores the demographic differences in reading privacy policies and provides statistics encapsulating the American opinion of corporate data accountability.

I Tried to Read All My App Privacy Policies. It Was 1 Million Words

When confronted with an app’s privacy statement, we habitually agree to its terms and give companies legal consent to use our data. Our incurious acceptance of privacy policies is often driven by the lengthy nature of privacy policies.

Microsoft Privacy

Explore Microsoft’s commitment to privacy.

Google Privacy Policy

Explore the information Google collects and how they use personal information.

Microsoft Privacy Statement

Explore the personal data Microsoft collects, how it is used, and why the company shares it.

Apple Privacy Policy

Explore how Apple collects, uses, and shares your personal data.

Facebook Privacy Policy

Explore what information Facebook collects and how it is used and shared.

LinkedIn Privacy Policy

Explore what data LinkedIn collects, how it is used and shared, and your choices regarding the information.

Twitter Privacy Policy

Explore how Twitter collects, uses, and shares your personal data.

Instagram Data Policy

Explore what information Instagram collects, how it is used, and what is shared with others.

Snapchat Privacy Policy

Explore the information that Snapchat collects, how it is used, whom it is shared with, and the controls the company gives users to access, update, and delete information.

TikTok Privacy Policy

Explore the information TikTok collects and how it's used.

Tiffany & Co. California Consumer Privacy Statement

California Consumer Privacy Statement applies solely to California consumers. Tiffany & Co. outlines personal information that may be collected.

Tiffany & Co. Privacy Policy

Explore the personal information that Tiffany & Co. collects, how the company uses the data, who it is shared with, and the measures taken to protect the information.

Dick's Sporting Goods Privacy Policy

Explore the types of information Dick’s Sporting Goods collects, the choices you have surrounding such information, and how personal data is collected, used, shared, updated, and secured.

WhatsApp Privacy Policy

Explore the information WhatsApp collects, how it is used, and what personal data is shared.

Slack Privacy Policy

Explore how Slack collects, uses and discloses information and what choices you have regarding personal data.

Signal Terms & Privacy Policy

Explore the security and end-to-end encryption that Signal uses to provide private messaging, Internet calling, and other services to users.

T-Mobile Privacy Notice

Explore how T-Mobile collects data, the personal data the company collects, how it is used and shared, how it is protected, and your personal data choices.

Verizon Privacy Policy

Explore the information Verizon collects, how it is used and shared, your choices about uses and sharing, and your rights under certain privacy laws.

AT&T Privacy Policy

​​Explore the information AT&T collects, and how it is collected, used, and shared.

Mastercard Privacy Notice

Explore the types of personal information Mastercard collects, why it is collected, the other parties with whom the company may share the information with, and the measures taken to protect the security of the data.

Visa Global Privacy Notice

Explore how Visa collects, uses, and discloses personal information.

American Express Privacy Center

Explore how American Express collects, uses, and shares information.

Uber Privacy Notice

Explore how Uber utilizes personal data.

Lyft Privacy Policy

Explore how Lyft collects, uses, and shares your personal information.

BP America Privacy Statement

Explore how BP American processes your personal information.

Airbnb Privacy Policy for the United States

Explore what personal information Airbnb collects, how the information is used, and what is shared with others.

Fitbit Privacy Policy

Explore the privacy practices that Fitbit implements for their devices, the information collected, how it is utilized, how it is shared, individual rights to control and access personal data, and the measures the company takes to keep data safe.

Privacy Policy for StudentAid.gov and the myStudentAid App

Explore the privacy implications of using the webpage StudentAid.gov and the myStudentAid app, both of which are operated by the U.S Department of Education.

The Walt Disney Privacy Center

Explore the types of information The Walt Disney Company collects, and how it is collected, used, and shared.

​​Amazon Hit With Another Class Action Lawsuit Over Alexa Voice Recordings

Amazon faces another class action lawsuit for allegations of its Alexa device recording users’ conversations without warning or consent.

Microsoft Class Action Alleges Company Violates Consumers’ Biometric Privacy

Microsoft faces a class action lawsuit for allegations of violating the Illinois Biometric Information Privacy Act (BIPA) by collecting facial biometric data of users of its Photos app on Windows 10 and Windows 11.

Lawsuits Say Siri and Google are Listening, Even When They’re Not Supposed To

Apple and Google face lawsuits for allegations of violation of privacy by voice assistants, including Siri and Google.

U.S. Appeals Court Voids Google 'Cookie' Privacy Settlement That Paid Users Nothing

The 3rd U.S. Circuit Court of Appeals in Philadelphia said it could not tell whether a $5.5 million settlement was fair in Google’s class-action lawsuit and said a lower court judge should revisit the case.

Google and YouTube Will Pay Record $170 Million for Alleged Violations of Children’s Privacy Law

Google and YouTube will pay $136 million to the Federal Trade Commission (FTC) and $34 million to New York for violating the Children’s Online Privacy Protection Act (COPPA) Rule for YouTube illegally collecting personal information from children without parents’ consent.

Where Did Facebook and Instagram Filters Go? Why You May Not Be Able to Access Them

Meta turned off some augmented reality (AR) features on Facebook, Instagram, Messenger, Messenger Kids and Portal due to laws regarding privacy and facial recognition in Illinois and Texas.

Judge Approves $650M Facebook Privacy Lawsuit Settlement

A $650 million settlement was reached in a privacy lawsuit against Facebook for the company allegedly using photo face-tagging and collecting other biometric data without the permission of its users.

U.S. District Court Northern District of California Case 3:15-cv-03747-JD Document 537

Explore one of the court documents from the Facebook lawsuit resulting in a $650 million settlement.

Facebook Checks for $397 Hit Illinois Bank Accounts

After a Facebook class-action lawsuit, the company agreed to pay $650 million to end the litigation, allowing about 1.6 million Illinois residents to collect $397 by check or direct deposit. The lawsuit alleged that Facebook violated Illinois residents’ rights by collecting and storing digital face scans without permission. The state’s Biometric Information Privacy Act allows consumers to sue companies for privacy violations involving fingerprints, retina scans, facial geometry and similar data.

Facebook Content Moderator Details Trauma That Prompted Fight for $52 Million PTSD Settlement

Facebook agreed to pay $52 million to thousands of workers who suffered the psychological consequences from reviewing posts depicting acts of suicide, murder, child abuse and other disturbing content.

FTC Imposes $5 Billion Penalty and Sweeping New Privacy Restrictions on Facebook

Facebook violated a 2012 Federal Trade Commission (FTC) order by deceiving users about their ability to control the privacy of their personal information and now has to pay a $5 billion penalty and make changes to increase accountability and transparency about users’ privacy.

Facebook to Delete 1 Billion People's 'Facial Recognition Templates'

Facebook said it would delete more than 1 billion users' facial templates following a settlement of a class action lawsuit in Illinois in which Facebook agreed to pay $650 million for allegedly using face-tagging and other biometric data without the permission of users.

Unique Illinois Privacy Law Leads to $550M Facebook Deal

A Facebook lawsuit that settled for $550 million alleged that Facebook broke Illinois’ Biometric Information Privacy Act, which allows people to sue companies that fail to get consent before harvesting users’ data, including through facial and fingerprint scanning.

That TikTok Notification About a Settlement Payment Isn't a Scam. Here's What to Know.

TikTok’s parent company, ByteDance, agreed to pay $92 million as part of a class action lawsuit to settle allegations pertaining to harvesting personal data without consent.

Twitter Agrees to Pay Millions in Fines After US Government Alleges Privacy Violations

After Twitter failed to tell its users for years that it used their contact information to help marketers target their advertising, the company agreed to pay $150 million in fines.

FTC Charges Twitter with Deceptively Using Account Security Data to Sell Targeted Ads

The Federal Trade Commission (FTC) takes action against Twitter for deceptively using account security data for targeted advertising. The company faces a $150 million penalty and is banned from profiting from the data collected deceptively.

Snapchat Violated Ill. Users’ Privacy by Collecting Biometric Information Without Consent, Class Action Alleges

A lawsuit claims that Snapchat violated the Illinois Biometric Information Privacy Act (BIPA) by failing to collect a release from users authorizing the company’s collection of private information as the company stores and shares facial features and voices without providing required disclosures.

Shutterfly to Pay $6.75M to Settle Biometrics Class Action Over Photo Face Scans; Lawyers to get $2.3M

Shutterfly settled a class action lawsuit for $6.75 million after violating the Illinois Biometric Information Protection Act (BIPA) by collecting and storing Illinois residents’ biometric data without consent.

In Big Win, Settlement Ensures Clearview AI Complies With Groundbreaking Illinois Biometric Privacy Law

Clearview AI, a face surveillance company claiming to have captured more than 10 billion faceprints from peoples’ online photos, agreed to a new set of restrictions that ensure compliance with the Illinois Biometric Information Privacy Act (BIPA).

Developer of Popular Women’s Fertility-Tracking App Settles FTC Allegations that It Misled Consumers About the Disclosure of their Health Data

The developer of Flo Health, Inc. has settled Federal Trade Commission allegations that the company shared the health information of users with outside data analytics providers after promising that such information would be kept private.

FTC Requires Zoom to Enhance its Security Practices as Part of Settlement

The Federal Trade Commission announced a settlement with Zoom Video Communications, Inc. that will require the company to implement a information security program to settle allegations that the video conferencing provider engaged in a series of deceptive and unfair practices that undermined the security of its users.