Security News

Facebook this week announced filing two lawsuits - one against an organization and its agents and one against four individuals in Vietnam - over advertising-related schemes. According to Facebook, four individuals residing in Vietnam employed session/cookie theft techniques to compromise the accounts of employees at advertising and marketing agencies, leveraging them to run unauthorized ads.

Facebook is subject to EU privacy challenges from watchdogs in any of the bloc's member states, not just its lead regulator in Ireland, the bloc's top court ruled Tuesday, in a ruling that has implications for other big tech companies. Under the EU's stringent privacy rules, known as the General Data Protection Regulation, only one country's national data protection authority has the power to handle legal cases involving cross-border data complaints in a system known as "One-stop shop." For Facebook, which has its European headquarters in Dublin, it is Ireland's Data Protection Commission.

In an open letter this month, the Chaos Computer Club - along with Google, Facebook, and others - said they are against proposals to dramatically expand the use of so-called state trojans, aka government-made spyware, in Germany. Once you have root access on a person's computer or handheld, the the device can be an open book, encryption or not.

Facebook said Wednesday that it has disrupted more than 150 deceptive influence schemes since 2017, with Russia the biggest single source, as culprits strive to stay "Under the radar." The number of coordinated inauthentic behavior campaigns derailed at the leading social network ramped up each year since a Russia-linked operation to sway the outcome of the 2016 US presidential election put Facebook on the defensive.

Argentina has ordered Facebook to suspend its data use policy allowing it to collect information from users of its WhatsApp messaging app, the government announced on Monday. In the meantime, the national agency that protects personal data and access to public information will lead an investigation into Facebook's plans.

Ireland's High Court on Friday rejected Facebook's bid to block an investigation that could potentially stop data transfers from the European Union to the United States. The Irish regulator launched its inquiry last summer after a top EU court decision over Facebook invalidated a key online data arrangement between Europe and the US. "The DPC decided to commence an 'own volition' inquiry ... to consider whether the actions of Facebook Ireland Ltd in making transfers of personal data relating to individuals in the European Union/European Economic Area are lawful, and whether any corrective power should be exercised by the DPC in that regard," the court statement noted.

"No one will have their accounts deleted or lose functionality of WhatsApp on May 15 because of this update," the Facebook-owned messaging service said in a statement. The move marked a turnaround from its previous stance earlier this year when the company outlined plans to make the accounts inaccessible completely should users choose not to comply with the data-sharing agreement and opt not to have their WhatsApp account information shared with Facebook.

A German regulator on Tuesday slapped a three-month ban on Facebook collecting user data from WhatsApp accounts and referred the case to an EU watchdog, citing concerns about election integrity. The head of the German regulator, Johannes Caspar, said past Facebook data protection breaches as well as Germany's general election in September showed the "Dangers" of "Mass building of user profiles" that could be exploited.

The order issued today by the HmbBfDI, one of Germany's data protection commissioners, comes after WhatsApp said that it will slowly restrict account features for users who refuse to give up control of their data and have it shared with Facebook companies starting May 15th, 2021. The announcement comes after the data watchdog started urgent proceedings last month with the goal of issuing an order under GDPR guidance to stop Facebook from collecting and processing any data from WhatsApp users for their own purposes.

The company backtracks on a previous decision that gave its users a harsh ultimatum to accept sharing their data with Facebook if they want to continue using their account or, as an alternative, to delete their accounts. Facebook companies that can access WhatsApp users' data after this year's privacy changes include Facebook, Facebook Payments, Onavo, Facebook Technologies, and CrowdTangle.