A considerable chunk of the VPN market — including three of the six most popular VPNs — is quietly operated by an Israeli-owned company with close connections to Israel's national security state, including the elite Unit 8200 and Duvdevan Units of the Israeli Defense Forces (IDF).

https://www.mintpressnews.com/exposed-how-israeli-spies-control-your-vpn/288259/

Frank Lucas, the drug lord who ruled Harlem in the 1970s, was so discreet that the police didn't know who he was in 1971 when he decided to wear a $100,000 full-length chinchilla coat — to a Muhammad Ali boxing match.

https://x.com/fasc1nate/status/1780671693448737030

Mass protests used to offer a degree of safety in numbers. Facial recognition technology changes the equation.

https://restofworld.org/2024/facial-recognition-government-protest-surveillance/

The FCC has imposed fines totaling $196 million on T-Mobile, AT&T, and Verizon for unauthorized sales of customer location data, sparking debates over privacy.

https://www.tftc.io/fcc-fines-us-carriers-196-million-location-data/

A court has issued strict limits on how police can pull innocent bystanders into big data investigations.

https://www.wired.com/story/palantir-germany-gotham-dragnet/

“In all three cases, I was required to hand over passwords to personal electronic devices despite objecting to this invasion of my privacy, and with all three cases personal devices were searched out of my view for extended periods,” he said.

https://www.theguardian.com/australia-news/article/2024/may/14/australian-man-says-border-force-made-him-hand-over-phone-passcode-by-threatening-to-keep-device-indefinitely

Italy-based Leonardo says its tool creates a fingerprint of drivers and passengers by scanning for anything that emits a signal from their car, from smartphones to library books..

https://www.forbes.com/sites/thomasbrewster/2024/05/14/police-car-surveillance-tech-uncovers-phones-pet-trackers-and-library-books/

Like Facebook and Instagram, WhatsApp requires users to disclose personally identifiable information, such as their phone number. For this reason, Meta is able to identify users across different services and combine their data from various platforms into comprehensive user profiles.

https://x.com/ThreemaApp/status/1790674229727265037

“Everyone’s very afraid of being hacked, and, unless you understand the underlying security in all of your accounts, you’re going to have trouble not knowing whether these claims by a robocall are real.”

https://www.whatbitcoindid.com/podcast/the-bitcoin-scammer-uncensored

The FTC says that automakers and other businesses must protect users' data against illegal collection, use, and disclosure. It points to recent enforcement actions against companies in other sectors that have illegally collected or used geolocation data, surreptitiously disclosed sensitive user data, and illegally used sensitive data for automated decisions.

https://arstechnica.com/cars/2024/05/connected-cars-illegal-data-collection-and-use-now-on-ftcs-radar/

The More Opportunities for Moms to Succeed (Moms) act proposes to establish an online government database called “pregnancy.gov” listing resources related to pregnancy, including information about adoption agencies and pregnancy care providers, except for those that provide abortion-related services.

https://www.theguardian.com/us-news/article/2024/may/11/katie-britt-proposes-federal-database-to-collect-data-on-pregnant-people

The federal government is set to start collecting data on LGBTQI+ folks. Several data experts said they're concerned.

https://statescoop.com/lgbtqi-data-federal-collection-state-local-government/

For LGBTQ+ people across the globe, privacy can be a matter of life and death. Pride month offers an annual reminder that even data collection with best intentions presents unique risks for LGBTQ+ internet users..

https://www.f-secure.com/en/articles/lgbtq-people-deserve-privacy

OpSecFailure lists how individuals messed up their OpSec.

https://opsecfail.github.io/

Documenting Police Tech in Our Communities with Open Source Research

https://atlasofsurveillance.org/

The spyware tool is stated to have leaked live-screen recordings of targeted systems to the internet due to an inherent security flaw.

Read the article: https://www.hstoday.us/subject-matter-areas/cybersecurity/researcher-finds-pctattletale-stalkerware-on-u-s-hotels-corporate-and-law-firm-computers/

The spyware tool is stated to have leaked live-screen recordings of targeted systems to the internet due to an inherent security flaw.

Read the article: https://www.hstoday.us/subject-matter-areas/cybersecurity/researcher-finds-pctattletale-stalkerware-on-u-s-hotels-corporate-and-law-firm-computers/

Stalkerware has reached "pandemic proportions," according to Kaspersky, which documented a total of 31,031 people affected by the intrusive software in 2023 – up almost six percent on the prior year.

Read the article: https://www.theregister.com/2024/03/20/stalkerware_usage_surging_despite_data/

Using stalkerware is creepy, unethical, potentially illegal, and puts your data and that of your loved ones in danger.

Read the article: https://techcrunch.com/2024/05/31/hacked-leaked-exposed-why-you-should-stop-using-stalkerware-apps/

The sheer amount of tech tools and knowledge required to discreetly seek an abortion underlines how wide open we are to surveillance.

Read the article: https://www.nytimes.com/2022/07/13/technology/personaltech/abortion-privacy-roe-surveillance.html

A team of researchers in the UK found “problematic practices, including inconsistencies” regarding data privacy in several female health apps. They presented the research at the Conference on Human Factors in Computing Systems in Honolulu, Hawaii in the US this month. The researchers analysed 20 popular female health apps available on the US and UK Google Play Stores providing a service related to female reproductive health. They looked at the applications’ data privacy policies and practices.

Read the article: https://www.euronews.com/next/2024/05/31/female-health-apps-arent-doing-enough-to-protect-sensitive-data-study-says

The inside story of the largest law-enforcement sting operation ever, in which the FBI made its own tech start-up to wiretap the world, shows how cunning both the authorities and drug traffickers have become, with privacy implications for everyone.

Text: https://www.hachettebookgroup.com/titles/joseph-cox/dark-wire/9781541702691/#preorder

We all deserve privacy in our communications, and part of that is trusting that the government will only access them within the limits of the law. But it's now clear that the government hasn’t respected any limits on the intelligence community or law enforcement. When it comes to Section 702, a law that continues to allow spying on Americans, they've ignored our rights.

Text: https://act.eff.org/action/tell-congress-absent-major-changes-702-should-not-be-renewed

Documents reveal that Intellexa, which is run by Israelis but operates outside of Israel's exports regime, presented an ad-based spyware – considered the cutting edge of Israeli offensive cyber. [...] The documents include a demonstration of the Aladdin system, technical explanations on how it infects target devices, and even examples of potential malicious ads – seemingly targeting graphic designers and activists with job offers, through which the spyware will be introduced to their device.

Text: https://archive.ph/IGrTw#selection-1255.347-1255.643

A Nebraska mother who helped her teenage daughter obtain abortion pills to end her pregnancy and later disposed of the fetus’ remains was sentenced to two years in prison on Friday, according to multiple reports, after breaking a state law that banned abortion after 20 weeks of pregnancy. Police said that while executing a search warrant they discovered evidence of internet searches related to medications “which could be used for the purpose of causing a miscarriage,” or abortion pills. Officers also said they found messages discussing the use of that medication after obtaining Facebook messages from Meta.

Text: https://www.forbes.com/sites/anafaguy/2023/09/22/nebraska-mom-who-gave-teen-daughter-abortion-pills-sentenced-to-two-years-in-prison/?sh=1518bdf7b1db

Saudi Arabia has sentenced a secondary schoolgirl to 18 years in jail and a travel ban for posting tweets in support of political prisoners, according to a rights group. Saudi human rights defenders and lawyers, however, disputed Mohammed bin Salman's allegations and said the crackdown on social media users is correlated with his ascent to power and the introduction of new judicial bodies that have since overseen a crackdown on his critics. "He is able, with one word or the stroke of a pen, in seconds, to change the laws if he wants," Taha al-Hajji, a Saudi lawyer and legal consultant with the European Saudi Organisation for Human Rights, told Middle East Eye this week.

Text: https://www.middleeasteye.net/news/saudi-arabia-sentences-schoolgirl-18-years-tweets

In August and September 2023, Eltantawy’s Vodafone Egypt mobile connection was persistently selected for targeting via network injection; when Eltantawy visited certain websites not using HTTPS, a device installed at the border of Vodafone Egypt’s network automatically redirected him to a malicious website to infect his phone with Cytrox’s Predator spyware. Given that Egypt is a known customer of Cytrox’s Predator spyware, and the spyware was delivered via network injection from a device located physically inside Egypt, we attribute the network injection attack to the Egyptian government with high confidence.

Text: https://citizenlab.ca/2023/09/predator-in-the-wires-ahmed-eltantawy-targeted-with-predator-spyware-after-announcing-presidential-ambitions/

Privacy is disappearing. From our sex lives to our workout routines, the details of our lives once relegated to pen and paper have joined the slipstream of new technology. As new technologies invite new violations, people have power over one another like never before, from revenge porn to blackmail, attaching life-altering risks to growing up, dating online, or falling in love. The Fight for Privacy takes the focus off Silicon Valley moguls to investigate the price we pay as technology migrates deeper into every aspect of our lives: entering our bedrooms and our bathrooms and our midnight texts; our relationships with friends, family, lovers, and kids; and even our relationship with ourselves. Danielle Citron is a professor of law at the University of Virginia and a civil rights advocate.

Buy the Book: https://bookshop.org/p/books/the-fight-for-privacy-protecting-dignity-identity-and-love-in-the-digital-age-danielle-keats-citron/18092442?ean=9780393882315&ref=&source=IndieBound&title=The+Fight+for+Privacy%3A+Protecting+Dignity%2C+Identity%2C+and+Love+in+the+Digital+Age

The popular messaging app Telegram can leak your IP address if you simply add a hacker to your contacts and accept a phone call from them. TechCrunch verified the researcher’s findings by adding Simonov to the contacts of a newly created Telegram account. Simonov then called the account, and shortly after provided TechCrunch with the IP address of the computer where the experiment was being carried out. Telegram boasts 700 million users all over the world, and has always marketed itself as a “secure” and “private” messaging app, even though experts have repeatedly warned that Telegram is not secure.

Text: https://techcrunch.com/2023/10/19/telegram-is-still-leaking-user-ip-addresses-to-contacts

Telegram seen as the gold-standard for secure messaging is deeply concerning. So here are 7 reasons why Telegram isn't as secure as it paints itself to be.

Text: https://hackernoon.com/7-reason-why-telegram-is-insecure-by-design-but-millions-still-flock-to-it-ignoring-privacy-concerns-qq1o344c

In Surveillance Valley: The Secret Military History of the Internet, Yasha Levine traces the history of the internet back to its beginnings as a Vietnam-era tool for spying on guerrilla fighters and antiwar protesters–a military computer networking project that ultimately envisioned the creation of a global system of surveillance and prediction. Levine shows how the same military objectives that drove the development of early internet technology are still at the heart of Silicon Valley today. Spies, counterinsurgency campaigns, hippie entrepreneurs, privacy apps funded by the CIA. From the 1960s to the 2010s — this revelatory and sweeping story will make you reconsider what you know about the most powerful, ubiquitous tool ever created.

Text: http://surveillancevalley.com/

As the adage goes, there's no such thing as perfect security. And feeling invincible could get you in trouble. End-to-end encryption transforms messages into unintelligible chunks of data as soon as a user presses send. From there, the message isn't reconstituted into something understandable until it reaches the receiver's device. Along the way, the message is unreadable, protected from prying eyes. It essentially amounts to a bodyguard who picks you up at your house, rides around with you in your car, and walks you to the door of wherever you're going. You're safe during the transport, but your vigilance shouldn't end there. [...] It's easy to forget in practice that people you message with could show the chat to someone else, take screenshots, or retain the conversation on their device indefinitely. You also need to keep track of how many devices you've stored your encrypted messages on. If you sync chats between, say, your smartphone and your laptop, or back them up in the cloud, there are potentially more opportunities for the data to be exposed. Your chats may be encrypted, but your backups may not.

Text: https://joindeleteme.com/blog/opt-out-guides/

Facebook Connect, also called Log in with Facebook, is a set of authentication APIs from Facebook that developers can use to help their users connect and share with such users' Facebook friends (on and off Facebook) and increase engagement for their website or application. When so used, Facebook members can log on to third-party websites, applications, mobile devices and gaming systems with their Facebook identity and, while logged in, can connect with friends via these media and post information and updates to their Facebook profile. But sometimes, especially on lesser known websites, using Facebook's universal login feature may carry security risks, according to research from Princeton University. The tracking scripts documented by Steven Englehardt, Gunes Acar, and Arvind Narayanan represent a small slice of the invisible tracking ecosystem that follows users around the web largely without their knowledge. Facebook says the ability to scrape data through Facebook Connect has been patched.

Text: https://www.wired.com/story/security-risks-of-logging-in-with-facebook/

The Video Privacy Protection Act of 1988 (codified at 18 U.S.C. § 2710 (2002)) was passed in reaction to the disclosure of Supreme Court nominee Robert Bork's video rental records in a newspaper. The Act is not often invoked, but stands as one of the strongest protections of consumer privacy against a specific form of data collection. Generally, it prevents disclosure of personally identifiable rental records of "prerecorded video cassette tapes or similar audio visual material." The act was envoked in 2008 in a class action law suit against Blockbuster Inc. over participation in Facebook's discontinued Beacon Program , which formed part of Facebook's advertisement system that sent data from external websites to Facebook for the purpose of allowing targeted advertisements and allowing users to share their activities with their friends. Beacon reported to Facebook on Facebook's members' activities on third-party sites that also participated with Beacon even when users were not connected to Facebook, and happened without the knowledge of the Facebook user. A similar lawsuit was brought against Netflix in 2009, when it disclosed insufficiently anonymous information about nearly half-a-million customers as part of its $1 million contest to improve its recommendation system leading to the alleged outing of a lesbian mother.

Text: https://archive.epic.org/privacy/vppa/