A collection of articles discussing and reporting on the status of tools and methods that protect or invade website visitor privacy.

News & Updates

To learn about the state by state regulations read more here.

To learn about Google tools and policies on privacy protection read more here

To learn about the GDPR and/or big tech you are on the correct page.

Below are news and updates on privacy at the government and bigh tech level.


Update 30 July, 2024

Meta Agrees To Pay Texas $1.4 Billion Settlement In Biometric Data Lawsuit

In a 2022 lawsuit, Mr. Paxton accused Facebook’s parent company of using facial recognition technology to collect biometric data of more than 20 million Texans without their permission. The information was captured in photos and videos uploaded to the social media platform, according to the 29-page lawsuit.

The settlement is the largest obtained in a lawsuit brought by a single state, according to Mr. Paxton’s office.

“After vigorously pursuing justice for our citizens whose privacy rights were violated by Meta’s use of facial recognition software, I’m proud to announce that we have reached the largest settlement ever obtained from an action brought by a single State,” Mr. Paxton said. “Any abuse of Texans’ sensitive data will be met with the full force of the law.”

Source: Zerohedge.com, July 30, 2024


Update 02 April, 2024

Google has agreed to settle with plaintiffs who alleged that the company invaded users’ privacy by tracking online activities even when they were using Chrome browser’s private incognito mode.

However, a fresh legal filing from April 1 revealed that under the proposed settlement terms, Google will “delete and/or remediate billions of data records that reflect class members’ private browsing activities.” The data deletion will apply to users outside the United States as well.

The tech company will also update its disclosures about what it collects in private browsing. This process started in January, shortly after the two sides announced plans to settle the case. Google updated its disclosures to clarify that it still tracked user data even when users opted to search privately or using its Incognito setting.

Read more: https://www.zerohedge.com/technology/google-settles-incognito-suit-commits-wiping-user-browsing-data


Update 23 November, 2023

The security research team from Checkmarx has uncovered a major vulnerability that is affecting Google and Samsung smartphones and has a potential to impact the hundreds of millions of Android users across the globe.

Apparently, it’s now fixed, but the researchers discovered a way for a hacker to take control of the front-facing camera and remotely take photos, record video, listen in on your conversations and more. All happening silently in the background without your awareness.

Read more: https://www.activistpost.com/2019/11/google-admits-that-others-can-access-the-camera-on-samsung-android-smartphones.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+ActivistPost+%28Activist+Post%29




Update 17 September, 2023

In January 2023, the U.S. Justice Department announced a civil antitrust lawsuit against Google for monopolizing digital advertising technologies.

The Justice Department originally made several antitrust arguments. Potential actions that were deemed red flags include setting Google as a default mobile browser on Android phones, designing search results to disadvantage competitors, and the company’s ongoing partnership with Apple for its Safari browser.

Article: https://www.zerohedge.com/technology/visualizing-googles-search-engine-market-share




Update 29 August, 2023

Google updates service policies to comply with EU regulations

Google and other major platforms such as TikTok, Twitter, Facebook and Instagram all had to update various aspects of their service policies, including more transparency on how content is recommended and moderated.

The Big Tech giant said it had made “significant investments” in various areas to comply with the DSA’s specific requirements.

It plans to expand its Ads Transparency Center, researchers’ access to data and its transparency research; add more visibility for content moderation; create a new Transparency Center for its policies; and conduct more in-depth risk analysis.

The post also expressed that Google has voiced concerns about the “potential unintended consequences” of some of these measures.

Article: https://cointelegraph.com/news/google-service-policies-eu-regulations-compliance




Update 29 August, 2023

Google updated its privacy policy to allow data scraping for AI training. The latest updates to Google’s privacy policy reveal that Google may use any public information available to train its various AI products and services.

Google has made updates to its privacy policy that now allow it to take any publicly available data and use it for artificial intelligence (AI) training purposes. The update to the company’s privacy policy came on July 1 and can be compared to previous of the previous policy here.

Article: https://cointelegraph.com/news/google-updates-its-privacy-policy-to-allow-data-scraping-for-ai-training




Update 27 July, 2023

Meta fined over privacy violations in Australia Facebook parent Meta has been ordered to pay $14 million in fines for using a VPN app to extract user data

Article: https://www.rt.com/news/580354-facebook-fined-onavo-privacy-australia/




Update 12 July, 2023

Threads' Piracy Issues And Why Meta's New App Can't Launch In Europe. Meta’s answer to Twitter, Threads, launched worldwide this week except EU member countries.

Article: https://www.zerohedge.com/technology/threads-piracy-issues-and-why-metas-new-app-cant-launch-europe




Update 12 July, 2023

Secretly Stealing Everything: Google Hit With Lawsuit Over New AI Data-Scraping Privacy Policy A week after Google updated its privacy policy to allow data scraping for AI training purposes, the company faces a class-action lawsuit.

Article: https://www.zerohedge.com/technology/secretly-stealing-everything-google-hit-lawsuit-over-new-ai-data-scraping-privacy-policy




Update 25 June, 2023

According to Slashdot website, many people in the United States would like to control the information that companies can learn about them online. Yet when presented with a series of true-or-false questions about how digital devices and services track users, most Americans struggled to answer them, according to a report published (PDF) by the Annenberg School for Communication at the University of Pennsylvania.

Article: https://planofdevelopment.com/clients/Americans_privacy_Consent.pdf




Update 25 June, 2023

A US-based fraud prevention company is in hot water over allegations it not only collected data from millions of EU citizens and processed it using automated tools without their knowledge but that it did so in the United States, all in violation of the EU's data protection rules.

The complaint was filed by Austrian privacy advocacy group noyb, helmed by lawyer Max Schrems, and it doesn't pull any punches in its claims that TeleSign, through its former Belgian parent company BICS, secretly collected data on cellphone users around the world.

Article: https://www.theregister.com/2023/06/23/telesign_gdpr_complaint/




Update 17 June, 2023

Microsoft's Edge browser appears to be sending URLs you visit to its Bing API website. Reddit users first spotted the privacy issues with Edge last week, noticing that the latest version of Microsoft Edge sends a request to bingapis.com with the full URL of nearly every page you navigate to. Microsoft tells The Verge it's investigating the reports.

Article: https://www.theverge.com/2023/4/25/23697532/microsoft-edge-browser-url-leak-bing-privacy




Update 17 June, 2023

Facebook users can now apply for their share of a $725 million privacy lawsuit settlement if they had accounts from May 2007 to December 2022.

Facebook's parent company, Meta, is doling out the payments to settle a lawsuit alleging it allowed Cambridge Analytica, a former British political consulting firm used by the 2016 Donald Trump presidential campaign, to access about 87 million users' personal information.

Article: https://facebookuserprivacysettlement.com/#submit-claim




Update 17 June, 2023

If you Googled anything between 2006 and 2013, then Google owes you money for violating your privacy. Those are the terms of a class-action lawsuit that Google has settled for $23 million.

How much money does Google owe you? Well, it depends on how many people come forward to claim their share of the settlement. The current estimated payout is about $7.70 per person.

Article: https://www.refererheadersettlement.com/




Update 15 June, 2023

The European Union’s General Data Protection Regulation (GDPR), which became effective in 2016, is one of the most detailed legislative schemes in the field of data protection. This article discusses two libertarian-minded objections to its approach. First, I argue that the notion of “right” adopted in the GDPR is flawed. Second, it shows that the GDPR doesn’t protect individuals from data-hungry governments and corporations.

The GDPR seeks to protect fundamental individual rights relating to the collection and processing of personal data. These include the right to access, the right to rectification, the right to erasure, the right to be forgotten, the right to restriction of processing, the right to data portability, the right to object, and the right to not be subjected to automated decisions.

Article: https://www.zerohedge.com/political/gdpr-paradox-empowering-government-name-data-protection




Update 5 June, 2023

EU's Ministry Of Truth Threatens Google, Twitter, And Facebook With 'Stress Tests'

"I represent the law, which is the will of the state and the people."

The internal market commissioner will travel to California next month to carry out "stress tests" to see how social media companies are preparing for new content rules, known as the Digital Services Act (DSA).

The French politician told POLITICO that he and European Commission officials would meet with Google, Twitter and Meta Platforms during his trip to the United States, most likely during the week of June 19.

Article: https://www.zerohedge.com/political/eus-ministry-truth-threatens-google-twitter-and-facebook




Update 22 May, 2023

Meta has been charged $1.3 Billion in a fine assigned by EU for transferring data that violates the GDPR.
Privacy authorities from the European Union have slapped a record-breaking fine of 1.2 billion euros ($1.3 billion) on Meta Platforms, the parent company of Facebook, for sending user data to the US. Authorities have also given a deadline by which Meta must cease all personal data transfers across the Atlantic.

The Irish Data Protection Commission revealed that Meta breached the General Data Protection Regulation (GDPR) when it transferred the personal data of Europeans to the US without sufficiently protecting them from "surveillance programs" operated by the US government.

Article: https://www.zerohedge.com/geopolitical/meta-slapped-record-13-billion-fine-over-eu-data-transfers-us


Update 15 Feb., 2022 The French Data Protection Agency, CNIL (Commission nationale de l’informatique et des libertés), has concluded that the use of Google Analytics is illegal under GDPR. The CNIL has begun issuing formal notices to website managers using Google Analytics.

This follows the January 2022 Austrian Data Protection Authority’s decision to declare Google Analytics illegal to use under GDPR - General Data Protection Regulation.

Read Article




Update 16 July, 2020

The Court of Justice of the European Union (CJEU) has ruled that any cloud services hosted in the US are incapable of complying with the GDPR and EU Privacy laws. There are no internet privacy laws and/or regulations in the USA which is the reason for following what happens with the CJEU.

For any business operating a website in the EU or if you have traffic coming to your website from EU visitors, you need to know what data you’re capturing and where this data is being stored.

With the CJEU invalidating the Privacy Shield framework, this further challenges the privacy standards of big software corporations like Google and Microsoft as they have servers located in the US while attracting customers from all over the world.

From our understanding, these corporations will now face ongoing and heavy fines if they continue to process EU data on these US cloud servers.

NEXT STEPS ...

#A. Is your website, using Google Analytics? If so you must ask for consent from everyone who visits your website. If you don’t, you could be liable for privacy law infringements and face being fined for not complying with the GDPR. That consent needs to be:

  1. Freely given (the user must have a choice to not give consent and be able to opt-out at any time).
  2. Informed (you need to disclose who is processing the data, what data is processed, and how to opt-out)
  3. Specific (consent is only valid for the specific informed purpose)
  4. Unambiguous (for example, pre-ticked boxes or similar aren’t allowed)
    Those four characteristics invalidate 99% of all "cookie notices" you see today on USA websites. If users don’t give you consent, you are not allowed to track them using Google Analytics or any other US-based cloud solution.

#B. Consider replacing Google Analytics with an analytics service not based in USA. Matomo Analytics is one I have begun using; its' servers are based in Germany. Matomo satisfies CJEU privacy shield requirements.