SecureRedact

View Original

Cookie conundrum: where is data privacy?

No. 59: Bringing you the news that matters in video privacy and security

Cookies are essential to our online experiences: they help us remember our login credentials, personalise our content, and provide targeted advertising. 

However, the way in which cookies construct these experiences is questionable, raising serious data privacy and security concerns. Websites and advertisers track our web movements, and they can be used to gather sensitive information without our knowledge or consent.  

In fact, Starbucks is facing a potential class-action lawsuit from users of their websites across several US states. The company allegedly used cookies to track users’ activity, even after rejecting these cookies. 

On the flip side, Google is using AI to try and manage cookie use, by creating a new ad-targeting model that achieves the goals of cookies while still protecting privacy. The company is experimenting with interest-based audience (IBA) solutions that use privacy-preserving signals, such as contextual information and first-party identifiers, to protect consumer privacy.

Despite numerous governments already trying to further regulate or outright ban the use of cookies, it is essential that individuals are aware of how cookies work, and how they can protect their data. 

As always, please send any feedback or topics of interest you would like to be covered. 

Seena, Editor


News

Starbucks faces possible class-action lawsuit over cookie tracking

US attorneys with ClassAction.org are seeking California, Pennsylvania, and Florida residents to take action against Starbucks over possible privacy violations. They allege the company may have tracked users of their website even after declining non-compulsory cookies. 

Class Action: Starbucks.com Investigation: Were Your Online Privacy Rights Violated?

IAPP: Starbucks may face class-action lawsuit over cookie consent management

Ukrainian sells EU and Ukrainian citizens' data to Russian buyers 

Ukrainian cyber police have arrested a man for selling the data of around 300 million Ukrainian and EU citizens to Russian buyers. The man is accused of seeking buyers for the stolen personal information on closed Telegram groups and channels and selling the data for anywhere between $500 and $2000.

Infosecurity: Man Arrested for Selling Data on 300 Million Victims to Russians

Bleeping Computer: Ukrainian arrested for selling data of 300M people to Russians

60 train stations across Scotland to install intelligent CCTV 

ScotRail will install new intelligent CCTV cameras in 60 train stations across Scotland to increase the safety and security of passengers. The new cameras will have upgraded intelligent video analytics to analyse the movements of passengers on the platform, to determine if they are in unsafe situations.

STV News: 'Cutting-edge' intelligent CCTV to be installed at railway stations

ScotRail: Intelligent CCTV analytics upgrade at 60 ScotRail stations

UK nurses to wear body-worn cameras to tackle hospital sexual assaults

NHS England and the Department of Health and Social Care are considering equipping nurses with body-worn cameras to combat high levels of sexual assault in hospitals. The plans include establishing a national violence prevention hub and an AI data processor to improve conviction rates. 

The Telegraph: Nurses to wear body cameras in crackdown on hospital sexual assaults

Nursing Standard: Nurses with bodycams: minister in talks over use of cameras in NHS

US military bought location data from "innocuous apps" to target drone strikes

The US military has been reportedly buying the granular movement data of people around the world from apps to target drone strikes. These included popular Quran apps, a Craigslist app, and a Muslim dating app.

VICE: How the U.S. Military Buys Location Data from Ordinary Apps

IAPP: US military bought 'granular movement data' from third parties


AI Snippet of the Week

Google uses AI in tests for cookie alternatives

Google is using artificial intelligence to develop a privacy-focused ad-targeting model that could be as successful as third-party cookie targeting. The company is experimenting with privacy-preserving signals to protect consumer privacy in Google Ads and Display & Video 360.

Mediapost: Google Tests AI To Optimize Ad Targeting Without Third-Party Cookies

IAPP: Google using AI in tests for cookie alternative


Policy Updates

US Senators to reintroduce EARN IT Act, despite privacy controversy

Senators Lindsey Graham and Richard Blumenthal have reintroduced the Eliminating Abusive and Rampant Neglect of Interactive Technologies (EARN IT) Act, which would make it easier to hold tech companies accountable for images that are distributed on their platforms. 

Cyberscoop: Return of the EARN IT Act rekindles encryption debate at critical moment for privacy-protecting apps

Engadget: The EARN IT Act will be introduced to Congress for the third time


To subscribe to our fortnightly newsletter, please click here

Thanks for reading, if you have any suggestions for topics or content that you want to see covered in future please drop a note to: info@secureredact.co.uk