Security News
United States lawmakers this week will vote on an amendment to the surveillance bill known as the USA FREEDOM Reauthorization Act that would limit law enforcement access to people's search and browsing histories. Enacted in June 2015, the USA FREEDOM Act amends, among others, the Foreign Intelligence Surveillance Act of 1978, and USA PATRIOT Act, imposing limits on the bulk collection of data on U.S. citizens by the National Security Agency and other intelligence agencies.
"In particular, the page can know which section of text was found using find-in-page, fragment navigation, and scroll-to-text navigation," the documentation says, adding that developers could also glean information about what the user navigated to - via scroll-to-text navigation, or typed into a find-in-page search box - based on which section of the page receives an event. The privacy risk of beforematch is not that of key logging - recording exactly what a web page user typed into a search dialog.
"In particular, the page can know which section of text was found using find-in-page, fragment navigation, and scroll-to-text navigation," the documentation says, adding that developers could also glean information about what the user navigated to - via scroll-to-text navigation, or typed into a find-in-page search box - based on which section of the page receives an event. The privacy risk of beforematch is not that of key logging - recording exactly what a web page user typed into a search dialog.
May 25th is the second anniversary of the General Data Protection Regulation and data around compliance with the regulation shows a significant disconnect between perception and reality. The only way to stay ahead of the numerous privacy regulations is to take a general approach to privacy.
After delays to Chrome version 81 in March, and the scrapping of version 82 a month later, this week sees the early arrival of Chrome 83 with a longer list of new security features than originally planned. First, it's not turned on by default, and might not even be visible under Settings > Privacy and security > Advanced.
Google this week released Chrome 83 to the stable channel with patches for a total of 38 vulnerabilities, with improved Safe Browsing protection, and updated privacy and security controls. The newly introduced Enhanced Safe Browsing protection in Chrome is meant to provide users with a more advanced level of security while browsing the web, by increasing protection from dangerous websites and downloads.
Facebook has agreed to pay a Can$9 million fine for making false or misleading claims about its privacy settings, Canada's competition watchdog announced Tuesday. An investigation of the social media network's practices from 2012 to 2018 found that the company gave Canadians the impression that users could control who saw their personal information on Facebook and Messenger.
The complaint alleged that TikTok violated a previous agreement with the FTC, where it had vowed to remove all videos previously uploaded by children under the age of 13 and make stronger efforts to request parental consent when collecting children's personal data. TikTok's previous agreement came after it was slapped with a $5.7 million FTC fine for violating the Children's Online Privacy Protection Act, which sets privacy rules for operators of websites or online services directed to children under 13 years of age.
On Friday, the Dutch Data Protection Authority announced that it's launched an investigation into how TikTok handles user privacy. The rise of TikTok has led to growing concerns about privacy.
In early March, as COVID-19 impacted areas of the U.S., new healthcare data rules were issued by the Department of Health and Human Services' Office of the National Coordinator for Health Information Technology and Centers for Medicare & Medicaid Services to "Give patients unprecedented safe, secure access to their health data" so that they can better manage their care. Under the purview of HIPAA and new breeds of state privacy laws and regulations, these apps will need to be built with security and privacy in mind, governed with the right controls, and provide appropriate patient verification and authentication.