Security News

Open Raven launched the Open Raven Cloud-Native Data Protection Platform to operationalize data security and privacy in the cloud. To prevent data breaches, it automates asset discovery and data classification, provides real-time mapping and policy-driven protection for Amazon Web Services and S3. The Open Raven Platform is generally available today.

Google this week announced an update to its Chrome store policies that requires all extensions to be explicit about the collection and use of user data. Now, Google is limiting what developers are allowed to do with the user data they collect, and the new policy requires developers to be clear about their extension's privacy practices, directly on the Chrome Web Store listing.

Starting January 2021, developers of Chrome extensions will have to certify their data use and privacy practices and provide information about the data collected by the extension(s), "In clear and easy to understand language," in the extension's detail page in the Chrome Web Store. "You'll need to provide information about your app's privacy practices, including the practices of third-party partners whose code you integrate into your app, in App Store Connect," Apple told app developers.

At issue is the fact that Clearview uses photos from social media and other publicly available sources, without consent, in violation of what some say are basic privacy rights. ACLU has taken Clearview AI to court over privacy issues.

The government of Canadian Prime Minister Justin Trudeau on Tuesday presented a draft law that would impose major fines on companies that violate privacy law by misusing the personal data of their customers. Trudeau said the new law would stipulate the highest fines imposed among Group of Seven nations for privacy violations.

Jason Keats, a key member of the now-defunct Essential company has returned, and privacy is his goal. Imagine how I felt when it was reported that the team behind the Essential PH-1 was getting back together.

Coil has accidentally exposed some of its users' email addresses in a mass email announcement sent out today. At least 1,000 emails disclosed in mass announcement.

Now Apple has stressed that this app security check does not send anyone's Apple IDs nor device identifiers over the 'net, though it did log people's public IP addresses. "To further protect privacy, we have stopped logging IP addresses associated with Developer ID certificate checks, and we will ensure that any collected IP addresses are removed from logs," Apple said.

The Register has read it and can report that while it reveals that Coil seeks permission to share users' details with service providers, partners, and "Related entities". We cannot find a clause that resembles: "We reserve the right to expose your email address to countless other Coil users in the 'To:' field of an email."

An Austrian online privacy NGO said on Monday it was lodging complaints against Apple in two countries over the use of a code on its phones that allows tracking of user behavior. The NOYB group said it was filing complaints with data protection authorities in Germany and Spain over Apple's use of a so-called IDFA which NOYB says are used on phones "Without user's knowledge or consent".