Study: Majority of kid-targeted Android apps violate COPPA

(Apr 17, 2018) A study conducted by University of California, Berkeley, researchers found a majority of Android apps marketed toward children under the age of 13 may potentially be in violation of the Children’s Online Privacy Protection Act, mainly due to the use of third-party software development kits, The Verge reports. During the examination of 5,855 apps, the researchers found 40 percent shared personal data without proper security protocols, 39 percent did not adhere to “contractual obligations aimed at... Read More

How one location data firm is working toward GDPR compliance

(Apr 11, 2018) With location data considered personal under the EU General Data Protection Regulation, many firms are working to reconcile their location data ahead of GDPR implementation later next month, Adweek reports. Instead of finding a solution to ensure existing data is compliant with the GDPR, U.S.-based location firm Factual instead opted to scrap all its data collected on European citizens. The firm plans to rebuild its European database after it institutes an “explicit consent” opt-in from its cons... Read More

California law raises debate between car rental companies and privacy advocates

(Apr 10, 2018) In California, a debate over the use of GPS to track stolen vehicles is at the center of a larger debate between car rental companies and privacy advocates, The Washington Post reports. State law now prohibits rental companies from engaging GPS technology until a vehicle has been missing for at least five days past its return date. While rental company owners claim the law has resulted in a dramatic uptick in car thefts, privacy advocates are concerned that changing the law could lead to privacy... Read More

DriveHer app suspends service following data breach

(Apr 6, 2018) The founder of the DriveHer app has suspended the service following a data breach, the Toronto Star reports. The app was created as a way to increase the safety and security of women drivers and riders. IT Consultant Darryl Burke discovered vulnerabilities within the app leading to the breach, such as finding the data provided by users was not encrypted. “The data accessed may have included personal information such as name, gender, telephone number, profile image,” DriveHer Founder Aisha Addo w... Read More

Matthiesen on why online advertising will survive this massive legal shift

(Mar 29, 2018) The ad tech industry is facing a crisis of sorts, depending on whom you ask. The big deal is that the GDPR, and the ePrivacy Regulation to follow, place importance on transparency and user consent. And to date, those are two things the ad tech industry has been sort of lucky enough to be able to run on without a whole lot of. We’re being tracked by so many parties online — and none of us is really aware of by whom and how these entities have our data in order to track us. There are a lot of deal... Read More

Security flaws found within Grindr dating app

(Mar 28, 2018) A cybersecurity professional discovered a pair of security issues with the Grindr dating app, NBC News reports. Atlas Lane CEO Trever Faden set up a website where users could find out who blocked them on Grindr by entering their usernames and passwords, after which Faden could see user data, including email addresses, deleted photos and location data, even if the user opted out of sharing their location. Faden also discovered portions of user data are not protected, allowing anyone observing web... Read More

An experiment in avoiding Opal's digital linking

(Mar 22, 2018) In an article for CNET, Claire Reilly writes on her experience over the past two years as she avoided complying with the push for digitalization of the Transport NSW’s Opal card and opted for a paperless transit identity. This month, after successfully avoiding to link her transit card to any form of personally identifiable information, Reilly was forced to succumb to the digital linking when she found herself in need of transit with no cash in hand, no ATM in sight, and no option but to use the... Read More

Jigsaw introduces open-source VPN software

(Mar 21, 2018) Jigsaw, the human rights–focused tech incubator owned by Alphabet, is now offering open-source VPN software that aims to grant a greater degree of user privacy by placing more control in users’ hands, Wired reports. Once installed on a user’s server, Jigsaw’s Outline software shelters data from third-party access and puts the user in control of the data. Santiago Andrigo, Jigsaw’s product manager who led Outline’s development, said, "The core of the product is that people can run their own VPN,"... Read More

Uber releases anonymized data to aid city planning

(Mar 16, 2018) In the aftermath of the Transport for London’s finding that Uber is not “fit and proper” to operate as a taxi service, the company has announced several changes to its business model, including a move that will provide anonymized data of its operations, Reuters reports. While Uber is appealing the finding, it has also introduced a 24/7 telephone support line and began proactively reporting serious incidents to the police. Fred Jones, Uber’s head of U.K. cities, said the company is also respondin... Read More

Tribunal rules against Transport for NSW

(Mar 15, 2018) After Nigel Waters embarked on a legal battle against Transport for NSW for what he claimed was a breach of Australia’s privacy law, the NSW Civil and Administrative Tribunal recently agreed and ruled in favor of Waters, iTnews reports. The Opal card is a contactless smart card used to access public transportation across Sydney and the surrounding regions to streamline ticketing across different modes of transit. Once registered, Waters argued that the forced registration of the card created a d... Read More