Security News
In brief Google has settled another location tracking lawsuit, yet again being fined a relative pittance. Washington State Attorney General Bob Ferguson's office announced the $39.9 million fine last week, along with news that Google will have to implement several state-ordered tracking reforms that clarify what data is being gathered and for what purposes.
The privacy-focused Brave Browser is introducing a new "Forgetful Browsing" feature that prevents sites from re-identifying you on subsequent visits. "Forgetful Browsing clears both explicitly stored values and indirectly stored values."
We hear Privacy International and a few other campaign groups set up camp outside Capita's AGM in London yesterday protesting Capita's involvement as an outsourcer in a UK government GPS tracking contract. Privacy International has previously complained that the UK Home Office and the MoJ continue to "Throw money at procurement of GPS tags to monitor migrants... despite the fact only 1 percent of migrants abscond from immigration bail," citing a statistic it obtained via a Freedom of Information request [PDF].
Monitoring assets in ever-changing settings operating in both development and production stages presents challenges. In this Help Net Security video, Daniel Deeney, CEO at Paladin Cloud, discusses how companies face difficulties identifying security threats within cloud environments.
Apple and Google have teamed up to work on a draft industry-wide specification that's designed to tackle safety risks and alert users when they are being tracked without their knowledge or permission using devices like AirTags. "The first-of-its-kind specification will allow Bluetooth location-tracking devices to be compatible with unauthorized tracking detection and alerts across Android and iOS platforms," the companies said in a joint statement.
Akamai observes nearly seven trillion DNS requests daily and classifies malicious DNS transactions into three main categories: malware, phishing and command and C2. These attacks present a major threat to both enterprises and home users. They analyzed malicious DNS data and linked attackers to malware such as Emotet, a malware strain that is now one of the most dangerous cybercrime services, and QSnatch, which targets backups or file storage and is the most significant botnet threat in enterprise environments.
A bill proposed by Washingston state lawmakers would make it illegal for period-tracking apps, Google or any other website to sell consumers' health data while also making it harder for them to collect and share this personal information. Washington Representative Vandana Slatter, a Democrat, introduced House Bill 1155 [PDF], the My Health, My Data Act, in response to the US Supreme Court ruling last year to overturn Roe v. Wade, which removed constitutional rights to abortion.
A woman in Canada failed in her claim for wrongful dismissal due to evidence from laptop software designed to track working time activity. 07 for part of the advance she received before starting work, and for the wages equal to the commensurate time lost.
Apple "Unlawfully records and uses consumers' personal information and activity," claims a new lawsuit accusing the company of tracking iPhone users' device data even when they've asked for tracking to be switched off. The would-be class action lawsuit, filed in Pennsylvania, accuses [PDF] Apple of violating Pennsylvania's Wiretapping and Electronic Surveillance Act, as well as breaching its trade practices and consumer protection law by "Representing that its mobile devices enable users to choose settings that would stop defendant from collecting or tracking their private data - a feature they do not have."
Google has settled two more of the many location tracking lawsuits it had been facing over the past year, and this time the search giant is getting an even better deal: just $29.5 million to resolve complaints filed in Indiana and Washington DC with no admission of wrongdoing. The cases filed in the Midwestern state and the capital are similar to those settled elsewhere in the US in the last 12 months and center on allegations that Google deceived users into handing over location data, which it then turned into billions in advertising dollars.