Security News

In this Help Net Security video, Dana Morris, SVP Product and Engineering at Virtru, talks about privacy-preserving cryptography. He provides an introduction to data encryption techniques, the key exchange problem, discusses the need for crypto-agility, and much more.

Google announced today that they will begin rolling out the Privacy Sandbox system on a limited number of Android 13 devices starting in early 2023. The Privacy Sandbox is a set of technologies Google introduced in February this year, aiming to limit the tracking of users while still providing advertisers with viable performance-measurement options.

Internet giant Google has agreed to pay a record $391.5 million to settle with 40 states in the U.S. over charges the company misled users about the collection of personal location data. "Google misled its users into thinking they had turned off location tracking in their account settings, when Google continued to collect their location information," Oregon Attorney General Ellen Rosenblum said Monday.

With mandated spyware downloads to tens of thousands of surveillance cameras equipped with facial-recognition technology, the World Cup in Qatar next month is looking more like a data security and privacy nightmare than a celebration of the beautiful game. "Ehteraz is able to install an encrypted file which claims to hold a unique ID, QR code, infection status, configuration parameters and proximity data of other devices using the app," Tom Lysemose Hansen, CTO and co-founder of app security firm Promon told The Register.

The Hushed Private Phone Line lifetime subscription gives you a second phone line for calls and texts where you don't want to share your personal number. Hushed earned 4.6 stars out of five on the Apple App Store by being both easy to use and effective at protecting privacy.

In this Help Net Security video, Rebecca Herold, IEEE member and CEO of Privacy & Security Brainiacs, discusses data, privacy, surveillance, and compliance challenges facing businesses in the wake of the US Supreme Court's repeal of the Roe v. Wade decision, which stated that a clause of the Fourteenth Amendment to the US Constitution provides a "Right to privacy" and, through it, a pregnant woman's right to an abortion. In this day and age, when information about individuals is widely collected and/or inferred via online tracking and ubiquitous real-world surveillance technology, what should businesses do when asked to hand over data about their users and employees.

The ByteDance-owned platform, which currently stores European user data in the U.S. and Singapore, said the revision is part of its ongoing data governance efforts to limit employee access to users in the region, minimize data flows outside of it, and store the information locally. "Based on a demonstrated need to do their job, subject to a series of robust security controls and approval protocols, and by way of methods that are recognised under the GDPR, we allow certain employees within our corporate group located in Brazil, Canada, China, Israel, Japan, Malaysia, Philippines, Singapore, South Korea, and the U.S. remote access to TikTok European user data," the company said.

As a result of the increasing concern over consumer data privacy and protection, many government regulations and compliance mandates now focus solely on consumer data protection. Since the inception of these various consumer data privacy compliance acts, global organizations across diverse industries have faced a common challenge in protecting consumer data to remain compliant.

Apple announced additional security and privacy features for its newest operating system - macOS Ventura. In this Help Net Security video, you'll learn about new security and privacy features in macOS Ventura.

The new framework addresses concerns raised in a case decided in 2020 known as Schrems II, named after Max Schrems, the Austrian privacy activist who brought the case to the EU Court of Justice. Schrems II struck Privacy Shield down, in part, because EU citizens had no rights to petition the US government if they felt their data had been improperly gathered.