personvern

https://www.theguardian.com/world/2025/jul/08/swedish-pm-safety-strava-data-bodyguards-ulf-kristersson-running-cycling-routes

Data made public by Ulf Kristersson’s security revealed his location, routes and movements over several years

…

In 2023 a former Russian submarine commander was killed reportedly with the help of his open Strava profile and last year it was revealed bodyguards to several world leaders were sharing confidential information on the app.

In 2017, Strava was accused of giving away the location and staffing of military bases and spy outposts around the world by publishing a map that showed all of its users’ activity.

https://www.bbc.com/news/articles/cgj54eq4vejo

Apple is taking the unprecedented step of removing its highest level data security tool from customers in the UK, after the government demanded access to user data. Advanced Data Protection (ADP) means only account holders can view items such as photos or documents they have stored online through a process known as end-to-end encryption. But earlier this month the UK government asked for the right to see the data, which currently not even Apple can access. Apple did not comment at the time but has consistently opposed creating a “backdoor” in its encryption service, arguing that if it did so, it would only be a matter of time before bad actors also found a way in. Now the tech giant has decided it will no longer be possible to activate ADP in the UK. It means eventually not all UK customer data stored on iCloud - Apple’s cloud storage service - will be fully encrypted. Data with standard encryption is accessible by Apple and shareable with law enforcement, if they have a warrant.

Benedict Evans:

Of course, the UK is within its rights to choose one side of the trade-off in the UK - what’s bizarre here is that the UK is apparently demanding that Apple do this globally. The UK, apparently, is trying to tell a US company what products it can provide to customers in Japan, Australia or indeed the USA. Normally it’s only American regulators that assert global juristiction. But what will the UK government say when China reads this story, and orders Apple to hand over UK citizens’ data, given that it’s now unencrypted and the UK has conceded the principle of jurisdiction? [emphasis added]

https://www.bbc.com/news/articles/cgkjvr7x5x6o

Whether it’s the echo of beeping tills in a supermarket or the hissing of a coffee machine in your local café, the brain is constantly working to decode hundreds of noises each day.

But, for some, those background noises can become so overwhelming that they distract them from recognising voices or alerts.

[…]

But Claire Benton, vice-president of the British Academy of Audiology, suggests that by blocking everyday sounds such as cars beeping, there is a possibility the brain can “forget” to filter out the noise.

“You have almost created this false environment by wearing those headphones of only listening to what you want to listen to. You are not having to work at it,” she said.

“Those more complex, high-level listening skills in your brain only really finish developing towards your late teens. So, if you have only been wearing noise-cancelling headphones and been in this false world for your late teens then you are slightly delaying your ability to process speech and noise,” Benton suggests.

https://www.nrk.no/norge/nordmenn-overvakes-av-mobilen_-_-pill-rattent-system-1.17208691

Norsk-amerikanske Unacast har blitt utsatt for omfattende datainnbrudd. Nå går Forbrukerrådet i strupen på selskapet.

– Det er fullstendig uansvarlig, sier fagdirektør Finn Myrstad i Forbrukerrådet.

Han snakker om selskaper som lever av å samle inn informasjon om hvor folk har vært, for å bruke det til markedsføring.

Store mengder private data om mobilbrukere over hele verden ble lagt ut på et russisk nettforum. Dataene som hackerne skal ha stjålet, skal være alt fra kundelister til folks lokasjonsdata. De publiserte det de kalte en «smakebit» av informasjonen de stjal.

I disse dataene kan det ligge informasjon om 146.000 nordmenns fysiske plassering.

[…]

Det er en trussel i seg selv at kommersielle selskaper sitter på så mye data om mobilbrukere, mener Forbrukerrådet.

– Det er en gigantisk svakhet. Det burde ikke vært lov å samle dem inn.

Forbrukerrådet har bedt om et forbud mot markedsføringen basert på dataene.

– Jeg tenker det ligger noe ansvar på politikerne her, sier Myrstad.

I 2022 anbefalte Personvernkommisjonen i en rapport en utredning av et generelt forbud mot atferdsbasert markedsføring.

Stortinget har bedt om det samme. Men ennå har det ikke dukket opp noen utredning. Langt mindre et lovforslag.

https://www.wired.com/story/subaru-location-tracking-vulnerabilities/

Now-fixed web bugs allowed hackers to remotely unlock and start any of millions of Subarus. More disturbingly, they could also access at least a year of cars’ location histories—and Subaru employees still can.

[…]

Most disturbing for Curry, though, was that they found they could also track the Subaru’s location—not merely where it was at the moment but also where it had been for the entire year that his mother had owned it. The map of the car’s whereabouts was so accurate and detailed, Curry says, that he was able to see her doctor visits, the homes of the friends she visited, even which exact parking space his mother parked in every time she went to church.

“You can retrieve at least a year’s worth of location history for the car, where it’s pinged precisely, sometimes multiple times a day,” Curry says. “Whether somebody’s cheating on their wife or getting an abortion or part of some political group, there are a million scenarios where you could weaponize this against someone.”

[…]

Curry argues that Subaru’s extensive location tracking is a particularly disturbing demonstration of the car industry’s lack of privacy safeguards around its growing collection of personal data on drivers. “It’s kind of bonkers,” he says. “There’s an expectation that a Google employee isn’t going to be able to just go through your emails in Gmail, but there’s literally a button on Subaru’s admin panel that lets an employee view location history.”

https://blog.lukaszolejnik.com/biggest-privacy-erosion-in-10-years-on-googles-policy-change-towards-fingerprinting/

https://www.theverge.com/2024/12/30/24332181/volkswagen-data-leak-exposed-location-evs

The leak also included the emails, addresses, and phone numbers of drivers in some cases, Der Spiegel reports.

[…]

If anything, this leak serves as yet another reminder of the immense amount of data collected by modern-day vehicles, which Mozilla has called a “privacy nightmare.”

https://www.nbcnews.com/tech/security/us-officials-urge-americans-use-encrypted-apps-cyberattack-rcna182694

Amid an unprecedented cyberattack on telecommunications companies such as AT&T and Verizon, U.S. officials have recommended that Americans use encrypted messaging apps to ensure their communications stay hidden from foreign hackers.

The hacking campaign, nicknamed Salt Typhoon by Microsoft, is one of the largest intelligence compromises in U.S. history, and it has not yet been fully remediated. Officials on a news call Tuesday refused to set a timetable for declaring the country’s telecommunications systems free of interlopers. Officials had told NBC News that China hacked AT&T, Verizon and Lumen Technologies to spy on customers.

https://www.wired.com/story/phone-data-us-soldiers-spies-nuclear-germany/

More than 3 billion phone coordinates collected by a US data broker expose the detailed movements of US military and intelligence workers in Germany—and the Pentagon is powerless to stop it.

https://www.abc.net.au/news/2024-10-05/robot-vacuum-deebot-ecovacs-photos-ai/104416632

Ecovacs robot vacuums, which have been found to suffer from critical cybersecurity flaws, are collecting photos, videos and voice recordings – taken inside customers’ houses – to train the company’s AI models.