The UK wants the dirt on data brokers before criminals get there first.
The UK government is inviting experts to provide insights about the data brokerage industry and the potential risks it poses to national security as it moves to push new data-sharing legislation over the line.
#UK #Tech #Data #DataBrokerage #DataSharing #Privacy #Politics #Legal
"For 37 years, Congress has completely failed to pass another consumer privacy law. Which is how we got here – to this moment where you can target ads to suicidal teens, gambling addicted soldiers in Minuteman silos, grannies with Alzheimer's, and every Congressional staffer on the Hill.
Some people think the problem with mass surveillance is a kind of machine-driven, automated mind-control ray. They believe the self-aggrandizing claims of tech bros to have finally perfected the elusive mind-control ray, using big data and machine learning.
But you don't need to accept these outlandish claims – which come from Big Tech's sales literature, wherein they boast to potential advertisers that surveillance ads are devastatingly effective – to understand how and why this is harmful. If you're struggling with opioid addiction and I target an ad to you for a fake cure or rehab center, I haven't brainwashed you – I've just tricked you. We don't have to believe in mind-control to believe that targeted lies can cause unlimited harms.
And those harms are indeed grave."
https://pluralistic.net/2025/02/20/privacy-first-second-third/#malvertising
#USA #AdTech #DataBrokers #DataBrokerage #Privacy #BigTech #MassSurveillance #DataProtection
In the end I am dawning my bowler cap, sticking a cigar in my mouth and saying "I have a plan"... (old ass #Norwegians will get it).
#deadinternettheory is one thing, #artificalinteligence is another, and the #databrokerage problem - hoo boy.
It's time we start thinking inside the box, by creating a storm inside of a bottle, a hermetically sealed environment for people who don't want to be influenced by outsiders.
Until we meet again...
Part 4/4
"Some of the world’s most popular apps are likely being co-opted by rogue members of the advertising industry to harvest sensitive location data on a massive scale, with that data ending up with a location data company whose subsidiary has previously sold global location data to US law enforcement.
The thousands of apps, included in hacked files from location data company Gravy Analytics, include everything from games like Candy Crush and dating apps like Tinder to pregnancy tracking and religious prayer apps across both Android and iOS. Because much of the collection is occurring through the advertising ecosystem—not code developed by the app creators themselves—this data collection is likely happening without users’ or even app developers’ knowledge.
“For the first time publicly, we seem to have proof that one of the largest data brokers selling to both commercial and government clients appears to be acquiring their data from the online advertising ‘bid stream,’” rather than code embedded into the apps themselves, Zach Edwards, senior threat analyst at cybersecurity firm Silent Push and who has followed the location data industry closely, tells 404 Media after reviewing some of the data."
https://www.wired.com/story/gravy-location-data-app-leak-rtb/
#USA #DataBrokers #DataBrokerage #Surveillance #LocationData #GravyAnalytics
"Without federal legislative action, many US states are taking privacy matters into their own hands.
In 2025, eight new state privacy laws will take effect, making a total of 25 around the country. A number of other states—like Vermont and Massachusetts—are considering passing their own privacy bills next year, and such laws could, in theory, force national legislation, says Woodrow Hartzog, a technology law scholar at Boston University School of Law. “Right now, the statutes are all similar enough that the compliance cost is perhaps expensive but manageable,” he explains. But if one state passed a law that was different enough from the others, a national law could be the only way to resolve the conflict. Additionally, four states—California, Texas, Vermont, and Oregon—already have specific laws regulating data brokers, including the requirement that they register with the state.
Along with new laws, says Justin Brookman, the director of technology policy at Consumer Reports, comes the possibility that “we can put some more teeth on these laws.”
Brookman points to Texas, where some of the most aggressive enforcement action at the state level has taken place under its Republican attorney general, Ken Paxton. Even before the state’s new consumer privacy bill went into effect in July, Paxton announced the creation of a special task force focused on enforcing the state’s privacy laws. He has since targeted a number of data brokers—including National Public Data, which exposed millions of sensitive customer records in a data breach in August, as well as companies that sell to them, like Sirius XM."
"A global spy tool exposed the locations of billions of people to anyone willing to pay. A Catholic group bought location data about gay dating app users in an effort to out gay priests. A location data broker sold lists of people who attended political protests.
What do these privacy violations have in common? They share a source of data that’s shockingly pervasive and unregulated: the technology powering nearly every ad you see online.
Each time you see a targeted ad, your personal information is exposed to thousands of advertisers and data brokers through a process called “real-time bidding” (RTB). This process does more than deliver ads—it fuels government surveillance, poses national security risks, and gives data brokers easy access to your online activity. RTB might be the most privacy-invasive surveillance system that you’ve never heard of."
https://www.eff.org/deeplinks/2025/01/online-behavioral-ads-fuel-surveillance-industry-heres-how
#Privacy #Surveillance #CyberSecurity #AdTargeting #DataProtection #DataBrokers #DataBrokerage #RTB
Each time you see a targeted ad, your personal information is exposed to thousands of advertisers and data brokers through a process called “real-time bidding” (RTB). This process does more than deliver ads—it fuels government surveillance, poses national security risks, and gives data brokers easy access to your online activity. RTB might be the most privacy-invasive surveillance system that you’ve never heard of.
"The Consumer Financial Protection Bureau (CFPB) has proposed a new rule that would block data brokers from selling personal and financial information on Americans, including their Social Security numbers and phone numbers, under the Fair Credit Reporting Act (FCRA).
In proposing the new rules, months after President Biden signed an executive order to curb the sale of Americans’ private data, the U.S. consumer protection agency said it aims to “rein in” data brokers who sidestep federal law by claiming that they are not subject to the FCRA’s legal provisions.
The CFPB’s director, Rohit Chopra, told reporters on a call Monday that the proposed rule would “curtail the widespread evasion” of the FCRA, which is the federal privacy law that protects personal data collected by consumer reporting agencies, like credit bureaus and tenant screening companies. The rule would also “make it clear that many of these data brokers, like credit bureaus and background check companies, are subject to federal protection under the FCRA.”"
#USA #CFPB #FCRA #DataProtection #Privacy #DataBrokers #DataBrokerage
"The Federal Trade Commission (FTC) announced sweeping action against some of the most important companies in the location data industry on Tuesday, including those that power surveillance tools used by a wide spread of U.S. law enforcement agencies and demanding they delete data related to certain sensitive areas like health clinics and places of worship.
Venntel, through its parent company Gravy Analytics, takes location data from smartphones, either through ordinary apps installed on them or through the advertising ecosystem, and then provides that data feed to other companies who sell location tracking technology to the government or sells the data directly itself. Venntel is the company that provides the underlying data for a variety of other government contractors and surveillance tools, including Locate X. 404 Media and a group of other journalists recently revealed Locate X could be used to pinpoint phones that visited abortion clinics.
The FTC says in a proposed order that Gravy and Venntel will be banned from selling, disclosing, or using sensitive location data, except in “limited circumstances” involving national security or law enforcement."
#USA #FTC #LocationData #Venntel #Gravy #DataBrokers #DataBrokerage #DataProtection #Privacy #Surveillance
https://www.404media.co/ftc-bans-location-data-company-that-powers-the-surveillance-ecosystem/
"If you voted in the U.S. presidential election yesterday in which Donald Trump won comfortably, or a previous election, a website powered by a right-wing group is probably doxing you. VoteRef makes it trivial for anyone to search the name, physical address, age, party affiliation, and whether someone voted that year for people living in most states instantly and for free. This can include ordinary citizens, celebrities, domestic abuse survivors, and many other people.
Voting rolls are public records, and ways to more readily access them are not new. But during a time of intense division, political violence, or even the broader threat of data being used to dox or harass anyone, sites like VoteRef turn a vital part of the democratic process—simply voting—into a security and privacy threat.
“Digitizing and aggregating data meaningfully changes the privacy context and the risks to people. Your municipal government storing your marriage certificate and voter information in some basement office filing cabinet is not even remotely the same as a private company digitizing all the data, labeling it, piling it all together, making it searchable,” Justin Sherman, a Duke professor who studies data brokers, told 404 Media in an email."
https://www.404media.co/voted-in-america-this-site-doxed-you/
#USA #Politics #Elections #Voting #Doxxing #DataProtection #Privacy #DataBrokers #DataBrokerage
#USA #DataLeaks #DataBreaches #DataBrokers #DataBrokerage #Privacy #DataProtection: "The Florida business behind data brokerage National Public Data has filed for bankruptcy, admitting "hundreds of millions" of people were potentially affected in one of the largest information leaks of the year.
In June, the hacking group USDoD put a 277.1 GB file of data online that contained information on about 2.9 billion individuals, and asked $3.5 million for it. The data came from National Public Data - a data brokerage owned by Jerico Pictures - which offered background checks to corporate clients via its API.
NPD confirmed it had been hacked in an attack on December 2023 and initially said just 1.3 million people had lost personal details, such as "name, email address, phone number, social security number, and mailing address(es)." But in the court documents filed for bankruptcy, the business concedes the total is much higher.
"The debtor is likely liable through the application of various state laws to notify and pay for credit monitoring for hundreds of millions of potentially impacted individuals," the bankruptcy petition [PDF] from Jerico Pictures states."
https://www.theregister.com/2024/10/09/national_public_data_bankrupt/
MediaFaro News Digest
Miguel Afonso Caetano
Thor A. Hopland
