Facial-recognition database exposed 2.5M users

(Feb 21, 2019) According to security researcher Victor Gevers, one of the facial-recognition databases used in China’s Xinjiang region has been left open on the internet for months, ZDNet reports. Gevers stated the MongoDB database belonging to Chinese company SenseNets contained information on 2,565,724 users and included names, ID numbers, nationalities, addresses, dates of birth, employer information and GPS data. Gevers also noted that the database was active and had received nearly 6.7 million GPS coordin... Read More

Singapore Airlines confirms in-flight cameras are deactivated

(Feb 21, 2019) After passengers raised concerns over cameras discovered on in-flight entertainment devices, Singapore Airlines has confirmed they were included by the manufacturer but have been “permanently disabled and cannot be activated on board,” The Straits Times reports. A spokesman for SIA said, “Do allow us to reiterate that we have no plans to enable or develop any features using the cameras.”Full Story... Read More

Privacy watchdog accuses Mexican government of spyware surveillance

(Feb 21, 2019) Commissioners of Mexico’s Institute for Transparency, Access to Information and Protection of Personal Data have accused the federal attorney general of preventing its investigation into the government’s use of spyware to monitor journalists, lawyers and activists, The Associated Press reports. The commissioners alleged the government contracted Pegasus software from Israel’s NSO Group to aid in surveillance efforts. Despite initially denying the contract, the office then divulged that it had a ... Read More

US watchlist shared with 1,441 private organizations

(Feb 20, 2019) After years of insisting that the terrorist watchlist is not shared with the private sector, the U.S. federal government acknowledged that it is shared with 1,441 private organizations, including private universities, hospitals and private correctional facilities, The Associated Press reports. The admission follows a class-action lawsuit by individuals who argued there were wrongly added to the watchlist and a subsequent order from U.S. District Judge Anthony Trenga that the Terrorist Screening ... Read More

Toronto police abandon gunshot detection system

(Feb 15, 2019) The Toronto Police Service announced it has abandoned its plan to adopt a gunshot detection system, The Globe and Mail reports. ShotSpotter incorporates a network of rooftop microphones to determine the exact location of a gunshot. Ontario’s Ministry of the Attorney General told the police department the “ShotSpotter technology could compromise Section 8 of the Charter rights, specifically unreasonable search and seizure.” Privacy advocates expressed concerns about the surveillance capabilities ... Read More

Judge rules in favor of Tate Modern in privacy case

(Feb 14, 2019) A judge ruled in favor of London's Tate Modern art gallery in a privacy case, the Guardian reports. Tate Modern had been sued by the owners of four flats who alleged their privacy had been violated by gallery visitors who could see inside their homes from a top-floor terrace. The flat owners said they were under “near constant surveillance”; however, Justice Anthony Mann ruled the plaintiffs could have taken more measures to protect their privacy. Mann added the residents chose to purchase flats... Read More

Judge rules documents in Facebook encryption case must remain sealed

(Feb 13, 2019) U.S. District Judge Lawrence O’Neill ruled against two bids to have documents unsealed that described efforts by the U.S. government to have Facebook decrypt voice conversations on its Messenger app, Reuters reports. Law enforcement asked Facebook to decrypt the conversations as part of its investigations into the MS-13 gang. The American Civil Liberties Union argued the public’s right to know about encryption laws outweighed any criminal investigation. O’Neill ultimately ruled to keep the docum... Read More

CRA employees illegally accessed info of 41K citizens

(Feb 8, 2019) Canada Revenue Agency staff members illegally accessed the information of 41,361 citizens between November 2015 and November 2018, CTV News reports. The agency revealed 264 incidents took place in the time period. The CRA deemed 37,502 people who had their information accessed faced a “low risk of injury”; however, 1,640 citizens received a letter from the agency about the breaches. Of the 264 employees who illicitly accessed information, 182 have been disciplined, and 36 face pending actions. “... Read More

Metrolinx turned over Presto card user data to law enforcement without warrants

(Feb 8, 2019) Metrolinx saw a 47 percent increase in requests from law enforcement agencies for personal information stored on Presto fare cards in 2018, the Toronto Star reports. The majority of the requests were not fulfilled; however, there were 22 instances when Metrolinx turned over rider data without asking for a warrant. “Broadly, the concern is that it’s very important that a mass transit system, a public transit system, doesn’t become a system of mass surveillance,” Canadian Civil Liberties Associati... Read More

China's emerging data protection system offers some consumer protection

(Feb 7, 2019) Slate reports on China’s emerging data protection regulatory system as the country moves toward an increased presence of state surveillance. The framework includes issues pertaining to consent, user-requested data deletion, and the collection, use and sharing of personal data. “The hope is to build a Chinese data protection regime that is uniquely suited to China: one that builds consumer trust in a thriving digital economy but does not undermine the government’s ability to maintain control,” th... Read More