While Apple Intelligence isn’t as impressive as it was made out to be, the company isn’t giving up on artificial intelligence. The brand is already working with OpenAI to integrate advanced AI capabilities, but it seems like future AI plans might give Apple some trouble.

Apple may face scrutiny for AI deal with Alibaba

The Cupertino based giant has plans to introduce more AI models, and this might involve the Chinese giant, Alibaba. However, this deal has unsurprisingly raised alarms for US lawmakers who are wary of the Apple-Alibaba partnership. According to The New York Times report, a source claimed that White House officials and members of the House Select Committee on China are asking Apple executives about this collaboration.

The primary cause of concern seems to revolve around data and in what capacity it would be shared with Alibaba. It seems like Apple is also being questioned about possible commitments that it might have made with Chinese regulators. The iPhone maker’s answers may have been unsatisfactory, as the source claimed that Apple execs could not answer most of these questions. This would likely lead to Apple facing increased scrutiny in the AI deal with Alibaba.

Apple aims to bring more AI models to Apple Intelligence. But so far, only OpenAI’s ChatGPT seems to be the only available option. Working with Chinese companies raises concerns over national security, particularly around data security, data privacy, and more. Earlier this year, a rumor had also surfaced of Apple turning to DeepSeek to bring Apple Intelligence for the iPhones sold in China, which is against sharing its citizens’ data with a foreign AI model.

For more daily updates, please visit our News Section.

Don’t miss a thing! Join our Telegram community for instant updates and grab our free daily newsletter for the best tech stories!

The post Apple AI deal with Alibaba might be a national security risk appeared first on Gizmochina.

Google has agreed to pay $93 million to settle claims with California’s Attorney General Rob Bonta, putting to rest allegations that the company misused location data for advertising. This comes after similar legal issues in Arizona and Washington last year, where Google faced comparable accusations. But what does this actually mean?

Google was allegedly collecting location data even after users turned their location history off

The central issue at hand was Google’s alleged collection of user location data, even after users had turned off the “location history” feature. According to the California Department of Justice, this violated consumer protection laws.

While $93 million may sound like a significant penalty, it’s worth noting that this amount is a fraction of Google’s overall revenue—most of which comes from advertising. Moreover, location-based advertising is a key component of Google’s business model. The settlement, therefore, raises questions about its long-term impact on tech giants and data privacy.

As part of the agreement, Google is not just parting with money but has also committed to “deter future misconduct.” Specifically, the company is required to offer clearer information about how it collects and uses location data. Users will also be provided with disclaimers that their location information could be used for personalized ads.

The settlement could serve as a warning to other tech companies about the increasing scrutiny around data privacy. Yet, the relatively small financial hit for Google suggests that whether this case will instigate genuine change in the industry remains uncertain. One thing is clear: the conversation around data privacy and corporate accountability is far from over.

RELATED:

• Google won’t repair cracked Pixel Watch screens, leaving owners frustrated
• Google says it’s the leading search engine because users prefer it over others in antitrust trial defense
• Best 1440p Monitors 2023 – Dell, Asus, LG, & More

(Via)

The post How Significant is Google’s $93 Million Settlement for Consumer Protection? appeared first on Gizmochina.

ByteDance, the parent company behind the popular TikTok app, was recently hit with a lawsuit that claimed that it is non-consensually collecting users’ biometric data. The lawsuit alleged that the illegal data privacy breach was from the company’s CapCut app.

Yet another data privacy breach from ByteDance

For those unaware, CapCut is a video editing application that has over 200 million active users. But apparently, this platform is collecting their sensitive private information without their consent. The lawsuit was filed in Illinois and claims that CapCut is violating the state’s Biometric Information Act. This breach is from collecting data like face scans and voice prints without informing the users.

Apart from biometrics, the app was reportedly collecting other private information like user location, gender, date of birth, and even gaining access to photos and videos. The primary focus of this invasive data collection is likely in regard to targeted ads. The lawsuit adds that the app is capable of even gaining access to the MAC address and SIM serial number as well. Apparently, CapCut’s privacy policy was intentionally designed to make it harder for users to understand.

In other words, the CapCut users aren’t giving their consent in a proper manner. ByteDance is also behind TikTok, which has faced various accusations over data privacy. Some reports have claimed that it is even harvesting user data in the US, in service of the Chinese government.

RELATED:

• ByteDance Buys Enough Nvidia GPUs for All of China in Order to Secure Its Future
• TikTok’s E-Commerce Ambitions: How the Social Media Giant Plans to Take on the Internet
• TikTok is Under Scrutiny again in the US for Fraudulent Data Practices & Privacy Issues
• TikTok’s AI Chatbot in Testing Phase, may Compete with ChatGPT & Bard
• OnePlus 11 vs Nothing Phone (2): Specs Comparison
• Best 360 degree cameras in 2023 – Insta360, GoPro, & More

(Via)

The post TikTok’s parent company ByteDance sued for collecting face scans & other sensitive data on CapCut appeared first on Gizmochina.

In a recent report by Max Corbridge and Tom Ellson of JUMPSEC, a renowned security analysis company, a critical vulnerability has been uncovered in the latest version of Microsoft Teams. This vulnerability poses a serious threat as it allows hackers to bypass client security controls, infiltrate other teams, and spread malicious programs containing Trojan horse viruses.

Microsoft Teams is key in a lot of organizations’ communication structure, which adds to the risk

Microsoft Teams, a popular collaboration platform, enables users with a Microsoft account to establish a “business or organization.” This feature allows users from one organization to communicate with those from another. However, JUMPSEC’s team identified a flaw in the system’s logic, exploiting which they were able to circumvent security controls in a mere 10 minutes, subsequently sending a harmful program to users in other organizations.

While Microsoft has acknowledged this vulnerability, it has yet to inform its users regarding the process of fixing it. In the meantime, JUMPSEC recommends that Microsoft Teams users take immediate action to protect themselves. Users can disable specific options in the settings to prevent hackers from exploiting this vulnerability and sending malicious programs to their teams.

The severity of this vulnerability cannot be overstated. With the potential for unauthorized access to sensitive data, the risk to organizations and their users is significant. A lot of big (and small) organizations use Microsoft Teams for a major part of their operations, which could be a gold mine for hackers. Microsoft’s delay in addressing this issue is a cause for concern, as it leaves countless users vulnerable to cyberattacks.

In light of this development, it is crucial for Microsoft Teams users to remain vigilant and proactive in safeguarding their accounts and data. Regularly checking for software updates and following recommended security practices can help mitigate the risks associated with this vulnerability. It is expected that Microsoft will prioritize the resolution of this vulnerability, given the potential impact it could have on users and organizations alike. In the meanwhile, users should remain cautious and take proactive measures to protect themselves from potential cyber threats.

RELATED:

• Microsoft’s Latest Small Language Model Outperforms ChatGPT with a Fraction of Parameters
• Google’s Complaint Against Microsoft Could Have Far-reaching Implications for Industry
• Best Bluetooth Speaker under $100 in 2023

(Via)

The post New Vulnerability Discovered in Microsoft Teams Puts Users at Risk appeared first on Gizmochina.

In the era of social media, the ability to delete regrettable or potentially problematic tweets offers users a sense of control over their online presence. However, an alarming discovery has left many Twitter users perplexed and concerned. It appears that deleted tweets are making an unexpected reappearance on the platform, creating a wave of frustration and privacy concerns among users. This article delves into the recent revelation and sheds light on the potential causes behind this.

Over a Million Deleted Tweets have reappeared on the platform

Renowned open-source developer and security expert, Richard “Dick” Morrell, was taken aback when he discovered that the tweets he had painstakingly deleted had magically resurfaced. Morrell shared his experience on Mastodon, a decentralized social media platform, prompting over 400 individuals to come forward with similar stories. Estimates suggest that over a million previously deleted tweets have mysteriously reappeared, dating back to November 2022 and earlier.

Experts in the field have offered insights into the possible reasons behind this disconcerting event. One theory posits that Twitter’s server restoration process may have inadvertently revived tweets stored in cold storage. A former Twitter Site Reliability Engineer, known as “mx alex tax1a,” surmised that the mishap could be attributed to the improper adjustment of server topology during data center migrations. This oversight might have allowed dormant data to resurface.

In response to inquiries about the issue, Twitter provided a rather unconventional reply—a poop emoji. This nonchalant attitude did not sit well with users, especially given the global implications of data privacy breaches. Morrell, in particular, expressed serious concerns regarding Twitter’s handling of data privacy, suggesting a potential violation of the General Data Protection Regulation (GDPR).

Twitter’s unexpected recycling of deleted tweets has left users questioning the platform’s commitment to data privacy and control. The reappearance of once-deleted messages, as if trapped in a digital Hotel California, has ignited a debate about the efficacy of data storage and restoration practices. As users navigate the evolving landscape of social media, it serves as a stark reminder that digital footprints may never truly vanish. It is understandable why other companies are building alternatives to Twitter, for instance, P92 being developed by Meta & Instagram.

RELATED:

• Twitter Blue Subscribers can now Post 2-Hour Long Videos, up to 8GB
• Twitter Restricts Content in Turkey amidst Pivotal Election
• Best Play Store Deals – Apps and Games on Sale this Week

(Via)

The post The Resurrection of Deleted Tweets causes Privacy Concerns among Users appeared first on Gizmochina.

It seems that no news that hit the headlines regarding Twitter appears to be positive nowadays. And unfortunately, the latest one might also divide its large user base. So be ready, since you might require your ID for this one.

Apparently, the microblogging giant is looking bring a new feature called ID verification. As the name suggests, Elon’s team is looking to constantly improve the platform and this move would help verify if someone on the platform is a real person and not just an impersonation. With the growing issue of impersonation on Twitter, a verification system would also help many avoid misinformation on the platform. An image shared by a leaker shows an image of this verification process, although it is transcribed in German.

But this shows that the verification system could already be on its way. Users would need to upload their legal ID along with a selfie to confirm their identity. While this move would offer many benefits, it also raises the concerns regarding user privacy and data security again. Furthermore, this also takes away from one of the platform’s popular aspects, which is anonymity. Meaning, this move is a double edged sword.

The leaker also added that Elon is seeking to hire a third part company to handle the entire verification process to ensure the protection of user data. But despite all of this, one must remember that data leaks from tech giants, is not uncommon in today’s day and age. But keep in mind that this is still just a rumor, so take this report with a pinch of salt for now and stick around for more updates.

RELATED:

• Twitter Security Breach: Former Employee Claims Engineers Can Tweet from Any Account
• Twitter Ad Sales Fell By 70% in December: Report
• Say Goodbye to Ads on Twitter with New ‘Twitter Blue’ Tier
• Redmi Note 12 Discovery Edition vs Redmi Note 12 Pro Speed Edition: Specs Comparison
• OPPO Reno9 vs Redmi Note 12 Pro Speed: Specs Comparison

(Source)

The post Twitter May Soon Require ID To Prove That You’re a Real Person appeared first on Gizmochina.

Twitter has been surrounded by a lot of negative press recently and it seems like the unfortunate run is still ongoing. A hacker has claimed to have private data on hundreds of millions of the platform’s users.

A new report has stated that the hacker has acquired sensitive information on 400 million users to be exact, which was illegally captured in 2021. The data was obtained by abusing an API vulnerability that has been fixed since its originally discovery. The hacker goes by the name ‘Ryushi’ has offered Elon Musk and Twitter to purchase this data him for a hefty price of 200,000 US Dollars. If they refuse, they would face an even heavier fine from the GDPR.

As per Ryushi on the Breached hacking forum, “Your best option to avoid paying $276 million USD in GDPR breach fines like facebook did (due to 533m users being scraped) is to buy this data exclusively… after that I will delete this thread and will not sell this data again.” To prove this, he even shared a sample data of more than 1,000 users that include a number of celebrities, which was leaked. This information contains sensitive data like email addresses, usernames, follower counts, creation dates, and some users’ phone numbers. 

The hacker further added that if Twitter skips this deal, he is also open to selling this data to multiple buyers for a sum of 60,000 US Dollars for interested parties. Unfortunately, it is still unclear as to what decision Twitter will make regarding this matter or even if the leaked private data is completely accurate. So stay tuned as we will offer updates if there are any notable developments on this matter.

RELATED:

• Twitter Blue now displays your replies higher & let’s you upload 60 min videos
• Elon Musk: ‘I Will Resign as CEO’ of Twitter
• Twitter Blue relaunched, with new Gold checkmarks for businesses

(Via)

The post Twitter users at risk as Hacker claims to have private data of 400 million people appeared first on Gizmochina.

Amazon is offering quite an odd way to earn money. The company is offering people 2 US Dollars per month by letting them monitor some data on your phone. So here are all the details.

The e-commerce giant is offering the meager sum of 2 US Dollars to those that let’s their devices be tracked to verify ads. This move is being showcased on the Amazon’s Shipper Panel, which is exclusive and invite only. As of right now, the Amazon Shopper Panel offers its users around 10 US Dollars for submitting 10 receipts. Apart from this, it even gives out rewards to those that complete surveys for the brand.

According to the Shopper Panel, “The Amazon Shopper Panel is an opt-in, invitation-only program where participants can earn monthly rewards by sharing receipts from purchases made outside of Amazon.com, completing short surveys, and enabling ad verification for the ads they see from Amazon’s own advertising or third-party businesses that advertise through Amazon Ads.

The company has also stated that in the “Rewards” section that users can enable ad verification to let the company confirm ads that the users see from Amazon or other third party platforms that use Amazon ads. As per official notes, those that are “choosing to enable ad verification, panelists allow us to confirm which ads from Amazon they saw on their device.”

RELATED:

• Amazon Kindle 2022 With 16GB Storage, 6-Weeks Battery Life Launched in India
• Amazon unveils the Sparrow robotic picker that uses AI to identify objects
• Amazon Prime Video Mobile Edition annual subscription launched in India at Rs 599
• Amazon launches Halo Rise that can track sleep by your breathing pattern
• Amazon Fire TV Cube (3rd gen), Alexa Voice Remote Pro launched in India
• Amazon launched new Fire TV Omni QLED Series 4K TVs with Adaptive Brightness feature & more

The post Here’s how to earn $2 a month, just let Amazon track your phone appeared first on Gizmochina.

Twitter has been seeing some rocky roads in recent times. However, it seems that its troubles haven’t ended yet, with a massive data breach causing the private user data for millions of users being leaked.

The popular microblogging website had faced a data dump of sensitive identity information for over 5 million Twitter users. This sensitive information was later reportedly sold on the dark web. Now, another new report has revealed that the latest data dump is being offered for free, but this data breach is potentially more damaging than the last. The news arrives from a BleepingComputer report. This data leak contains “tens of millions of Twitter records.”

As per the report, the leak shares the user’s phone numbers, verified status, account names, Twitter IDs, biographies, and even their screen names. The original findings were first published by security researcher Chad Loder on Twitter. Although he was banned soon after on the platform for allegedly revealing this information. However, he has since migrated to Mastodon and shared his report there. 

On his initial tweet, Loder stated that “I have just received evidence of a massive Twitter data breach affecting millions of Twitter accounts in EU and US. I have contacted a sample of the affected accounts and they confirmed that the breached data is accurate. This breach occurred no earlier than 2021.” BleepingComputer analyzed a sample of the break for more than 1.3 million phone numbers of Twitter users from France, which revealed that this breach is accurate. So it remains to be seen how the company responds to this data breach.

RELATED:

• Twitter Blue Will Relaunch With Gold, Grey, Blue Checkmarks
• Twitter Will Soon Remove Twitter for Android, Twitter for iPhone Label
• SpaceX Buys Massive Ad Campaign Package on Twitter for Starlink
• Elon Musk tries to rehire some Twitter employees after firing them

The post Massive Twitter breach leaks data of millions of users appeared first on Gizmochina.

We had already covered various rumors regarding TikTok supposedly stealing your personal data. Now, a new report has revealed that the platform also harvests your personal data through the in app keyboard as well.

The news arrives from InAppBrowser.com  (Via PhoneArena) that stated that the in app keyboard on popular social media platforms are capable of stealing data based on what is being typed. The report adds that major social media apps like TikTok, Facebook and Instagram have the potential to use JavaScript to grab your credit card data, address, passwords, and more without your permission on iOS.

The report adds that these social media apps (including Facebook Messenger) can track your keystrokes if you use their in app keyboards. Notably, out of all of these social media applications, the one company that does not offer users the option to use your default QWERTY keyboard is TikTok. In other words, you are basically stuck with the personal data stealing in app keyboard.

This has also the reason why the brand came under first by another US presidential administration that was concerned about national security.In its defense, TikTok took to Twitter to share a tweet that stated that “The report’s conclusions about TikTok are incorrect and misleading. Contrary to its claims, we do not collect keystroke or text inputs through this code, which is solely used for debugging, troubleshooting and performance monitoring.”

Although, separate reports have also claimed that its in app browser is also quite dangerous since the company can basically track every keystroke on third party websites through this browser. FCC commissioner Brendan Carr said that this app is a “sophisticated surveillance tool that harvests extensive amounts of personal and sensitive data.”

RELATED:

• Instagram & Facebook Reels are even more like TikTok with these new features
• TikTok might soon be returning to India, ByteDance seeks new partners
• TikTok owner ByteDance Live streaming device with a flip camera appears

The post TikTok can steal your personal data when you type on the in app-keyboard appeared first on Gizmochina.

Last week, the Indian government issued an order which required VPN (Virtual Private Network) based companies to collect and provide it with user data.

The order, issued by the Computer Emergency Response Team (CERT-in), which is a department under the Ministry of Electronics and IT requires these companies to collect sensitive user data like IP addresses, usage patterns, etc, and store it for up to 5 years before eventually handing it over to the government whenever asked. Failing to comply with these orders can result in prison sentences of up to a year under Section 70B(7).

The government has stated that this move is aimed at “coordinate response activities as well as emergency measures with respect to cyber security incidents.”

As you can imagine, this is a direct step against data privacy. And it appears that major VPN companies operating in India are unlikely to comply with these orders according to recent statements issued by them.

Laura Tyrylyte, who is the security spokesperson for NordVPN said “We are committed to protecting the privacy of our customers, therefore, we may remove our servers from India if no other options are left.”

Express VPN also issued a statement saying “VPNs are critical for user safety and the preservation of user’s right to online privacy and are fundamentally opposed to any efforts to undermine such technologies.”

Shurfshark VPN’s legal head Gytis Malinauskas has said that “We operate only with RAM-only servers, which means that at this moment, even technically, we would not be able to comply with the logging requirements.

Going by the statements of these major VPN service providers and their firm stance against the Indian Government’s mandate, it could be possible that these companies might soon stop providing their services in India. The last date for complying with the CERT-in’s directive is June 27th, 2022, so stay tuned for more updates on the matter.

RELATED:

• India issues new order that asks VPN firms to collect & supply it with user data
• China drafts new rules that punish VPN providers that scale the Great Firewall
• Microsoft Edge browser to soon get a free inbuilt VPN

The post VPN firms unlikely to comply with Indian government’s mandate appeared first on Gizmochina.

India has just issued a new order that appears to be a step against data privacy. The government is now asking VPN based companies to collect and provide it with user data.

According to an Entrackr report, the government wants Virtual Private Network firms to collect the user’s data for five years on their servers and then eventually hand it over to the government. This order is not limited to just VPN based companies and even targets Cloud and Crypto based firms as well. The report adds that firms that do not comply with this order may face prison sentence up to a year under the Section 70B(7). This order has been issues by a department under the Ministry of Electronics and IT, which is known as Computer Emergency Response Team (CERT-in).

The department has urged VPN companies to collect sensitive user data, which includes their customer’s names after validating them. Furthermore, they would even have to store other forms of information of the user like their IP addresses, usage patterns, and even other forms of identifiable information as well. All in all, the IT Ministry department stated that these efforts are being made to “coordinate response activities as well as emergency measures with respect to cyber security incidents.” However, this is a major step against data privacy since companies are now legally allowed and required to collect and store your data as per the new order.

The VPN, cloud, and crytpo based firms will begin collecting data starting from the date of 27th June 2021. So, the process is already underway. Unfortunately, many firms might face difficulties (especially VPN firms) that advertise their services with a no logs policy. Additionally, VPN users typically use the service to hide their original IP address and online footprint. This even helps in hiding their IP addresses from malicious individuals like hackers. So, collecting such user data defeats the purpose and makes data leaks more likely in the near future.

RELATED:

• India accuses Xiaomi of forex violation; seizes assets worth $725 million
• India in talks with Intel & TSMC to setup local semiconductor plants
• Uber India hikes Cab fares in Delhi following recent rise of Fuel prices

The post India issues new order that asks VPN firms to collect & supply it with user data appeared first on Gizmochina.

Apple has allegedly provided a hacker group with user data. The company has apparently shared the data after the group had managed to forge legal requests documents for the information.

According to a Bloomberg report, three sources close to the matter revealed details regarding this incident, which was a part of a 2021 social engineering scam. Allegedly, the hackers had impersonated as law enforcement officials and were able to persuade the Cupertino based giant’s staff into sharing information regarding their customers’ addresses, phone numbers, and IP addresses as well. They managed to acquire this information after showing a forged “emergency data requests” document.

For those unaware, the iPhone maker usually provides the officials with such information only when a search warrant or subpoena from a judge is provided. However, this does not apply with emergency requests because they are known to be used only in cases of imminent danger. Unfortunately, Apple has yet to confirm if it actually shared the data with the hacker groups and directed Bloomberg to its law enforcement guidelines when asked to comment on the incident.

Similarly, it appears that Facebook’s parent company, Meta, also faced a similar situation as well. The tech giant also allegedly provided the same hacker group with user data and said after they said that they are working with law enforcement on the suspected fraudulent requests. The information acquired from the two companies could be used with malicious intent, like targeted harassment campaigns or even financial fraud schemes.

RELATED:

• Apple iPhone isn’t getting under display Touch ID support anytime soon
• Apple iPhone 14 Pro to have a larger camera sensor resulting in thicker camera bump
• Apple Watch Series 7 reportedly charges like a sloth following watchOS 8.5 update
• Man arrested for tracking girlfriend’s car with an Apple Watch attached to one of the wheels

The post Apple reportedly shared user data with hackers that forged legal requests appeared first on Gizmochina.

Smartphone users usually have a number of social media platform that they are active on daily. Out of these, there are specific apps that are geared for just messaging. While these apps may sometime contain sensitive information that the user wants to keep private, a leaked document has revealed that two major chatting apps, WhatsApp and iMessage, share quite a bit of data with the FBI.

According to a report from the Rolling Stone (Via AndroidAuthority), the news arrives from a leaked document from FBI (Federal Bureau of Investigation), which is a domestic intelligence and security based government service in the US. The document has revealed that Facebook’s WhatsApp and Apple’s iMessage provide the agency with the most amount of information, which it can legally obtain from any messaging application.

As per the document, WhatsApp, iMessage, and Line all offered “limited” message content over a legal request from the FBI. While these platforms willingly offered ‘some’ data, others like Signal, Telegram, Threema, Viber, WeChat, and Wickr did not disclose any message content. Although “limited” data doesn’t raise any alarms, the kind of information being shared might not be that harmless. The popular Android messaging app shares “only basic subscriber records” with a subpoena.

But in simpler terms, it means that the FBI is able to grab address book data from both the ‘target’ and their contacts if they have a search warrant. They can even track the source and destination of the messages sent from the app as well. Meaning, if you have saved the target’s contact info, your address book is also available for the FBI to snoop around in. This is even worse for the iMessage service. If iMessage users back up their messages on iCloud, the FBI has access to the actual message content as the Cupertino based giant is required to hand over iCloud encryption key with a search warrant.

RELATED:

• Apple rolls out emergency update to fix Pegasus spyware vulnerability on iPhones, iPads, and Macs
• Apple iPhone 13’s Satellite Communication feature to be reportedly available only in select countries
• WhatsApp introduces new Safety Features: Flash Calls and Message Level Reporting
• FBI investigates if 5G paranoia led to the RV bombing in Nashville, US

The post WhatsApp & iMessage share the largest amount of user data to the FBI: Leaked Document appeared first on Gizmochina.

A new report might make you more skeptical about allowing apps to track your location. Apparently, the user’s phone location data is a huge market, in which information is sold to the highest bidder in market that is estimated to be worth a whopping 12 billion US Dollars.

According to TheNextWeb, there are multiple data mining firms that collect location data along with other identifiers anonymously and then sell it to other companies that require it. The data is bought from various firms including retail foot traffic analysts to even military contractors. Serge Egelman, a researcher at UC Berkeley’s ​​International Computer Science Institute and CTO of AppCensus stated that “apps can circumvent the permission model and gain access to protected data without user consent by using both covert and side channels.”

Similarly, Justin Sherman, a cyber policy fellow at the Duke Tech Policy Lab added that There isn’t a lot of transparency and there is a really, really complex shadowy web of interactions between these companies that’s hard to untangle. They operate on the fact that the general public and people in Washington and other regulatory centers aren’t paying attention to what they’re doing.” The Markup even identified 47 companies that harvest, sell, or trade in mobile phone location data.

Notably, one of the location data brokers Oracle, has a partner that openly advertises data on millions of US individuals. This includes demographics information like personal activities and life preferences. Meanwhile Oracle, Epsilon, and others also explicitly advertises data sharing platforms to thousands of companies.

RELATED:

• US Secret Service bought location data from smartphone apps
• Elon Musk confirms Starlink will Transfer Data close to 97% of the Speed of Light
• Your Fitbit and other Bluetooth gadgets could be giving away your location data
• WhatsApp fined €225 million for breaching EU data privacy rules

The post Your location data is being sold to the highest bidder in a $12 billion market appeared first on Gizmochina.

WhatsApp, the instant messaging platform owned by Facebook, has been fined 225 million euros (approximately $267 million) by a data watchdog in Ireland for breaking the EU data privacy rules. This makes it the largest penalty handed out by the Irish data regulatory over General Data Protection Regulation (GDPR) violation and the second-largest in EU.

Data Protection Commission of Ireland says that the Facebook-owned WhatsApp failed to tell its European Union citizens about what the company does with the data collection of the user, including how the details are collected and users, as well as how WhatsApp shares the user data with Facebook.

The Irish authority had originally asked WhatsApp for a €50 million fine for breaking GDPR, but other data protection agencies pushing for a stiffer penalty. Now, the fine levied is more than four times the originally proposed.

In its order, the commission asked WhatsApp to tweak its privacy policies and how it communicates with users in order to make the platform compliant with Europe’s privacy law. This means that the messaging service may need to expand its privacy policy.

WhatsApp has said that the company will be filing an appeal over this verdict. The company’s spokesperson added, “WhatsApp is committed to providing a secure and private service. We have worked to ensure the information we provide is transparent and comprehensive and will continue to do so. We disagree with the decision today regarding the transparency we provided to people in 2018 and the penalties are entirely disproportionate.”

The company has revealed on its website that it shares information like phone numbers, transaction data, business interactions, mobile device information, IP addresses, and other information with Facebook. The firm emphasizes that it does not share personal conversations, location data, or call logs.

RELATED: 

• WhatsApp to finally bring Chat Transfer feature between iOS and Android
• Flipkart and its founders could be fined $1.35 billion for violating foreign investment laws
• WhatsApp to soon get multi-device support, disappearing mode, and view once features
• Alibaba fined $2.75 billion in China for violating anti-monopoly rules
• Brazilian state fines Apple $2 million for selling iPhone 12 without a charger

The post WhatsApp fined €225 million for breaching EU data privacy rules appeared first on Gizmochina.

Zoom Video Communications, the company behind the popular Zoom platform, has agreed to pay $85 million and improve its security practices to settle a lawsuit that claimed that the company violated users’ privacy rights.

The lawsuit alleged that the platform shared users’ personal data with Facebook, Google, and LinkedIn. It also talked about letting hackers disrupt Zoom meetings in a practice called “Zoombombing”, reports Reuters.

In the settlement agreement, the company denied wrongdoing. A preliminary settlement still requires approval by U.S. District Judge Lucy Koh in San Jose, California.

As for the compensation, the subscribers of the platform in the proposed class action would be eligible for 15% refunds on their core subscriptions or $25, whichever is larger while others could receive up to $15.

Apart from monetary compensation, Zoom has also agreed to security measures including alerting users when meeting hosts or other participants use third-party apps in meetings and providing specialized training to employees on privacy and data handling.

Though Zoom collected about $1.3 billion in Zoom Meetings subscriptions from class members, the plaintiffs’ lawyers called the $85 million settlement reasonable given the litigation risks. They intend to seek up to $21.25 million for legal fees.

The usage of Zoom surged during the COVID-19 pandemic as companies and companies, schools, and colleges opted for online meetings instead of in-person conduct. It had 497,000 customers with more than 10 employees in April 2021, a substantial increase from 81,900 in January 2020. But the company says that the user growth could slow or decline as more people get vaccines and return to work or school in person.

RELATED: 

• Zoom acquires cloud call center firm Five9 in an all-cash deal worth $14.7 billion
• Tesla to pay $1.5 million in settlement of a lawsuit related to battery voltage reduction
• Huawei and Verizon agrees to settle patent infringement lawsuits

The post Zoom agrees to settle user privacy and ‘Zoombombing’ lawsuit by paying $85 million appeared first on Gizmochina.

Earlier this week, Xiaomi officially announced that it would be conducting an investigation for applications in its Mi Store that have violated its policies regarding the collection of user data.

The Chinese tech giant shares notice of investigation for apps that have been illegally gathering and using personal information while also infringing on user rights and interests. For those unaware, there has been an emerging call from users regarding the frequent harassment and other issues regarding their personal information that has been infringed on Xiaomi’s application store, especially in China. The Mi Store has a large user base all across the globe, with its home market alone accounting for 90 million users.

So, it arrives as no surprise that certain apps target users’ data to get a more competitive edge over their rivals in the current market. In the past, user privacy and data collection policies have been scrutinized. Now, it seems that Xiaomi aims to weed out apps that have been harmful to its Mi Store users. Notably, the Chinese government is also working on reforming user data collection policies in the country, with the nation’s cyberspace regulator even ordering companies in China to delist Didi from their app stores. This was apparently due to Didi Global Inc illegally collecting users’ personal data.

In other words, Xiaomi is also joining in the efforts of its home country and is ordering app developers to reform data collection methods or face removal from its Mi Store. In the note, the brand said that it has received large amounts of feedback that have criticized apps on its platforms for their predatory data gathering practices. So, the company is springing into action, in compliance with the latest regulations from the Ministry of Industry and Information Technology.

RELATED:

• Xiaomi Mi 8 Explorer Edition, Mi 8 Pro, Mi 8 SE bag MIUI 12.5 update
• Xiaomi Mi Smart Steam Oven 30L may hit India soon, launched in the Philippines!
• Xiaomi India Mi Anniversary Sale 2021: All the Best Deals

The post Xiaomi investigates apps that violate its user data collection policies on the Mi Store appeared first on Gizmochina.

At WWDC 2021, Apple announced a new privacy feature that would better protect the users’ data when browsing on the internet. However, the Privacy Relay feature will not be available in China, which is a major market for the company.

For those unaware, the Cupertino based giant has just held its Worldwide Developers Conference on Monday (7th June 2021) where it revealed “Privacy Relay.” This feature lets one browse the internet through Safari while their data being sent through two separate servers to better hide the users’ identity and prevent tracking of their online activity like which sites they are visiting. In other words, even the iPhone maker or the users’ network provider cannot see that data.

Essentially, this feature is a bit similar in function to a VPN (virtual private network), which is something used quite often in China to get around the Great Firewall in the region that lets the government block various websites from being accessed. But now, an Apple spokesperson told CNBC that the Private Relay feature will not be arriving in users in China. Furthermore, the feature will also skip certain other regions like Saudi Arabia, Egypt, Belarus, and even Uganda.

The company stated that the reason it is not launching the feature in the aforementioned countries is due to local laws. At the moment, the use of VPN to access blocked websites in China is illegal. Since the new Privacy Relay feature works in a similar manner, the brand could face trouble with the local authorities. Back in 2017, Apple even removed a number of VPN apps from its App Store to comply with the laws in the region.

RELATED:

• Apple watchOS 8 brings support for Ultra wideband technology & several new features
• Apple announces iOS 15 with improvements to Facetime, Apple Maps, and a few other tweaks
• Apple MagSafe in iPhones might pose a risk for people with pacemakers

The post Apple will not launch Privacy Relay in China due to local regulations appeared first on Gizmochina.

It has recently been found that the personal data and phone numbers of hundreds of millions of Facebook users has been leaked online. All of this information was posted on a low level hacking forum that was found recently.

According to a BusinessInsider report, the leaked data includes personal information and the phone numbers of 533 million users of the popular social media platform. The data is from about 106 countries, including information on 32 million users from the US, 11 million users from the UK, 6 million users from India, and more. In the leak, personal data includes the users phone numbers, Facebook IDs, full names, location, birth dates, bios, and even email addresses in certain cases.

As per a statement from Facebook spokesperson, the data found online is actually scrapped due to a vulnerability that the company had patched back in 2019. Although, despite the information being dated, the information could still provide valuable information to cybercriminals that can use this information to impersonate people and scam others to handover login credentials as well.

Alon Gal, CTO of cybercrime intelligence firm Hudson Rock stated that “A database of that size containing the private information such as phone numbers of a lot of Facebook’s users would certainly lead to bad actors taking advantage of the data to perform social engineering attacks [or] hacking attempts.” Gal further added that there is not much the company can do at this point as the information is already out in the open, but has advised users to be wary of phishing schemes or fraud.

RELATED:

• Facebook says it pulled down 1.3 billion fake accounts between Oct. & Dec. 2020
• Facebook signs its first deal to pay News Corp to use its content in Australia
• Top stories from last week: Mi 11 global launch, first look at the Mi 11 Ultra, Facebook is making a smartwatch, and more

The post Over 500 million Facebook users’ phone numbers and personal data leaked appeared first on Gizmochina.

After WhatsApp faced intense backlash across the globe over its recent privacy policy changes, the messaging platform is now facing a legal complaint against it in one of its largest markets, India.

According to a Gadgets360 report, the social media giant has a petition filed against it in an Indian court earlier this week. This arrives as the first legal challenge that the company is facing for its recent privacy policy updates. For those unaware, WhatsApp rolled out an update that made changes to the application’s privacy policies. These changes gave the company the right to share some of the users’ data, like phone number and location, with its parent company Facebook, and its other platforms, Instagram, and Messenger.

Editor’s Pick: Samsung Galaxy S21, S21+, S1 Ultra pricing, pre-orders, and cashback offers for India

This, in turn, led to the company facing intense backlash in regions India, which is its largest market, with over 400 million users. Notably, the Turkish government even launched an investigation into the messaging service after the policy changes went live. Furthermore, many people have also begun shifting to other messaging services like Signal and Telegram, which has led both apps to see millions of new downloads.

According to lawyer Chaitanya Rohilla, “It [privacy updates] virtually gives a 360-degree profile into a person’s online activity.” The petition stated that ” WhatsApp has made a mockery out of our fundamental right to privacy.” At the moment, the company has given users till the 8th of February 2021 to accept the new terms. The petition also added that “This type of arbitrary behavior and browbeating cannot be accepted in a democracy and is complete ‘ultra vires’ (beyond its powers) and against the fundamental rights as enshrined in the Constitution of India.”

UP NEXT: TSMC on track with 3nm process, risk production to start in 2021

The post WhatsApp faces first legal complaint in India over its recent Privacy policy changes appeared first on Gizmochina.

After the recent WhatsApp privacy changes went live, the userbase numbers of its alternatives Signal and Telegram have surged almost immediately. In just a short span, both messaging platforms have seen millions of new users download their respective applications.

Talking about Signal first, the messaging app has seen a large influx of new users, with the company seeing new downloads nearing a million every day. For those unaware, Facebook recently updates its privacy policy for WhatsApp and other platforms, which has led it to receive a lot of criticism over its users’ data security and privacy. Since then, many have switched over to alternatives like Signal, which saw over 810,000 downloads just last Sunday alone. This marked a near 18 fold growth in just a week, as per an ETNews report.

Editor’s Pick: Redmi K30 Ultra’s successor confirmed to feature upcoming 6nm MediaTek Dimensity SoC

For those unaware, WhatsApp’s latest privacy policy has the company reserve the right to share user data, including location, phone number, with its parent company Facebook and its other social media platforms like Instagram and Messenger. Similar to Signal, Telegram has also seen a massive influx of new users, with the platform seeing 25 million new downloads in just the past 72 hours. Out of this figure, 38 percent of all new users are from Asia.

Other regions like Europe account for 27 percent, while Latin America and MENA regions account for 21 percent and 8 percent respectively. With the world becoming more privacy conscious, the move from WhatsApp has basically led to a mass exodus from the app to other platforms, which offer better privacy standards and user data protection. It remains to be seen how WhatsApp responds to its current predicament.

UP NEXT: Samsung Galaxy S21 Series: Expected Specs, Features, and Price ahead of January 14 launch

The post Telegram and Signal see millions of new downloads after recent WhatsApp privacy changes appeared first on Gizmochina.

With online privacy and data security becoming an increasing issue in recent times, various companies have taken multiple steps to secure their own systems. Now one would expect the general public to do the same, but it seems that a few have yet to realize just how terrible their passwords are.

So, lets look into some of the worst offenders of this year. The original list was compiled by NordPass, which is a password manager, and was reported by GizModo. As per the company’s list, there are still millions people using highly insecure passwords like “123456” AND “password” for their various login credentials. The worst part is that some of these passwords in the top 20 are the usual suspects that appear frequently in this list every year.

Editor’s Pick: Honor confirms security updates and after-sales service for sold and on-sale products

Unfortunately, while the password might be easy to remember and convenient for the user, they take less than a minute to crack. This also holds true to the other numerical variations like, “000000” or “123123.” Furthermore, this also extends to any other simple alphabetical passwords that generally use adjacent letters on a QWERTY format keyboard like “qwertyuiop” or “asdfghjkl.”

Here are the top 20 worst passwords of 2020:

1. 123456
2. 123456789
3. picture1
4. password
5. 12345678
6. 111111
7. 123123
8. 12345
9. 1234567890
10. senha
11. 1234567
12. qwerty
13. abc123
14. Million2
15. 000000
16. 1234
17. iloveyou
18. aaron431
19. password1
20. qqww1122

In this day and age, data breaches and cyberattacks are still a possible threat, more so for enterprises/businesses. But, this is also indicative of how a simple unique variation in passwords or making them complex goes a long way in online security for your various accounts. All of the aforementioned passwords were exposed more than 100,000 times. It is also advised to used 2 factory authentication with any service that offers it for added security.

UP NEXT: Samsung Galaxy S21 powered by SD875 appears on Geekbench scoring lower than Exynos 2100

The post Here are the top 20 Worst Passwords used by people in 2020 appeared first on Gizmochina.

Facebook is facing another lawsuit, with it being accused of spying on Instagram users through their cameras. Reportedly, the social media giant gains unauthorized of the smartphone’s selfie camera to spy on the users.

According to a Bloomberg report, the lawsuit has been filled after numerous media reports surfaced that the social media application had been accessing iPhone cameras even when the user wasn’t actively using them. Since then, Facebook has denied the reports and blamed the entire issue on a rogue bug, which it is apparently fixing, that was using the iPhone’s selfie cameras.

Editor’s Pick: A dedicated OnePlus Buds app for older OnePlus devices & other phones is in the works

An Instagram user from New Jersey, USA, filed a complaint earlier this week. The one suing stated that the use of the camera was intentional and was done for the purpose of collecting lucrative and valuable data on its users that it would not otherwise have access to.” They further stated that by “obtaining extremely private and intimate personal data on their users, including in the privacy of their own homes, they are able to collect valuable insights and market research.”

Facebook has declined to comment on this matter. Notably, this lawsuit arrives just a month after another legal action the company was facing for another illegal acquisition of user data. In recent years, online privacy and data security have become a hot debate, with many criticizing big names like Google and Facebook for having an undisclosed method of harvesting user data. So stay tuned for more updates regarding this matter.

UP NEXT: Royole FlexPai 2 passes TENAA certification, features 7.8 inch display and Snapdragon 865

The post Facebook allegedly spies on Instagram users through selfie cameras appeared first on Gizmochina.

The US government is facing another major accusation regarding data breach. This time regarding its Secret Service, who have allegedly paid for location data to illegally track down people without legal warrants or court orders.

According to a report from Motherboard, a Freedom of Information Act request has revealed that the Secret Service paid Babel Street to use Locate X, a service that supplies location data from common smartphone applications. Although the document didn’t clearly reveal the exact purpose of the tool the secret service used, but it was reported that it was utilized to create a virtual fence around a region and track devices in that area.

Editor’s Pick: Oppo Power Bank 2 launched in India, features 10,000mAh battery pack and fast charging

The contract with Locate X was between the period of September 2018 and September 2018 and had a sum transaction of 2 million US Dollars. It is speculated that the service was only used for just a few cases, however, it is also likely to have been for just one as well. At the moment, it is unknown where Babel Street sources its data from and who it is sold to. Babel nor the Secret Service has yet to comment on the matter.

UP NEXT: Here’s the official list of Samsung Galaxy devices eligible for three generations of Android updates

The post US Secret Service bought location data from smartphone apps appeared first on Gizmochina.

Google is now facing another issue regarding privacy as it received a data protection complaint. The complaint was filed by Max Shrems, an Austrian privacy activist, and accused the search giant of unlawfully monitoring users and passing on the “tracking ID’ to various advertisers.

Schrems filed the complaint through his activist group called, Noyb. It was filed with the Austrian data protection authority and mainly concerned Android users. According to their complaint, Google tracked its Android users’ phones through a unique ID, which “allows Google and countless third-parties to” track and monitor EU users. In the complaint, the group mentioned that people have to be asked for consent before being tracked.

Editor’s Pick: MediaTek is launching a new 5G chip on May 18; could be Dimensity 800 Plus

This is in line with the strict data protection rules the European Union has enforced since May 2018. Through these regulations, the data protection advisories have the power to impose fines that can amount up to 4 percent of a company’s global annual sales when concerning major breaches in conduct. Furthermore, the complaint accused Google of not collecting “valid ‘opt-in’ consent before generating the tracking ID, but seems to generate these IDs without user consent.”

According to Nyob, “Android does not allow deleting the tracking ID. It only allows users to generate a new tracking ID to replace the existing tracking ID. This neither deletes the data that was collected before, nor stops tracking going forward.” As of right now, Google has yet to make a public statement. Unfortunately, this also arrives during a period of crisis where various governments and private companies are working on tracing technology, which is another hassle regulatory bodies are dealing with.

UP NEXT: Sony smartphone shipments were all-time low with only 400,000 units in Q1 2020

(Via)

The post Google faces Privacy Complaint, accused of tracking EU users appeared first on Gizmochina.

The world is gripped by the recent Coronavirus pandemic that has affected virtually every country. However, the threats from the virus may not be limited just there as researchers warn against increasing cybersecurity threats amidst the ongoing crisis.

As various governments are enforcing lockdowns, work is quickly shifting towards the digital and online realms. But with this increase in traffic online, apart from just pressures on ISPs and telecom operators, it seems that risk online has increased as well. At the moment, crucial fields like education are under transition, but researchers have warned against potential risks.

According to CNCERT (National Computer Network Emergency Response Technical Team and Coordination Center of China), “More businesses in traditional industries are accelerating their digital transformation by using remote-working technologies to ensure business continuity, resulting in a spike in cyber threats arising from data leakage, phishing scams, ransomware, and internet frauds.”

Editor’s Pick: Huawei smartphones sold over 450,000 units in China in March, the P40 series arrives with HMS: CEO

The firm is a Chinese government cybersecurity agency that believes that remote working apps, online medical consultations, and e-learning systems could potentially harbor various risks, like hackers that could exploit vulnerabilities. Examples of this occurring is already here as online educational platforms have been suffering from DDoS attacks (Distributed denial-of-service) ever since the COVID-19 lockdowns began. This even goes as far back in January 2020.

These DDoS attacks essentially crash the server since it bombards the system with a massive number of requests. Similarly, phishing attacks are another attempt through which hackers try and gain access to sensitive data. These may be in the form of usernames, passwords, or even credit card details and can be made through communications online like fraud emails.

An example of an organized hacker group is DarkHotel. This East Asia based group has already attempted to break into to the World Health Organization’s (WHO) internal system. Furthermore, they are also responsible for coordinated cyber espionage campaigns against various Chinese agencies and their diplomatic mission through VPNs (virtual private network).

UP NEXT: Huawei sees low Revenue Growth in first quarter, Coronavirus and US Sanctions hit hard

(Via)

The post Researchers warn against new Cybersecurity threats during Coronavirus pandemic appeared first on Gizmochina.

According to a new report, researchers have found a new method to steal data from computers that are not connected to any external system or other computers. They achieved this by mapping the brightness of the LCD monitor.

The method utilizes a previously compromised computer to relay changes in the LCD’s RBG color values through a camera. The changes are imperceptible, meaning its almost impossible to map it with the naked eye, thus it requires a camera equipped device. Theoretically speaking, one can also trick someone into loading malware on their computer through a USB drive and use nearby security cameras, that have been hacked, to relay the relevant data.

Editor’s Pick: Samsung Galaxy Z Flip gets a special cavier Joker & Harley Quinn edition even before launch

In other words, all of this sounds like a technique out of science fiction or a hacking scene in a movie, but it is now also a method of extracting data out of one’s system. However, don’t worry too soon, as it is not yet possible for hackers to simply gain access to your computer’s important credentials and sensitive data through brightness alone.

A data thief would have to go through many loops like gaining access to a camera that is pointed towards the target computer for it to be possible. As it stands right now, the technique will supposedly more helpful to intelligence agencies and other such organizations rather than a hacker keeping track of your PC monitor. Although the development does give rise to a new avenue of hacking altogether, even between air-gapped computers that are completely isolated.

UP NEXT: Apple patents a Next Gen Apple Watch with Touch ID fingerprint scanner support

(Via)

The post Researchers can track PC Monitor’s brightness to Steal User Data appeared first on Gizmochina.

Railway stations in major cities will soon use facial recognition technology to assist in identifying criminals in India by the end of 2020. This move has been heavily criticized by digital rights campaigners that claim it is a significant breach in privacy in the absence of relevant laws.

The new facial recognition system will be installed in key railways stations and is being tested in India’s tech hub, Bengaluru. This system will have to scan approximately 500,000 commuters every day and will utilize artificial intelligence which will match scanned faces against the police database of criminals. A senior Indian Railway official has stated that the move will make the railways a “virtual fortress without a physical, brick and mortar boundary wall, we will be able to make the whole system more secure.”

The Indian Railways is one of the biggest railways networks in the world which spans across the entire nation and connects major cities to distant corners of the country, carrying about 23 million people or the entire population of Taiwan in a single day. However, despite its significance in transportation, it is also been known to have been used by human traffickers to lure millions of females and children. These criminals con people with attractive offers of jobs, but are then sold into slavery or bonded labor to pay of debt.

The idea behind the inclusion of the facial recognition technology to catch criminals is sound but could potentially carry a lot of risks as well. This has caused supporters and detractors of the new technology. On one hand, the system can be used to great effect and vastly improve security while others say it comes at a notable loss of privacy and perpetual surveillance.

Editor’s Pick: Harvard’s Chemistry Department Head arrested for lying about working with China

India is currently preparing to implement a nationwide facial recognition system, one of the largest in the world, which is already utilized in certain airports. However, as India advances in the technical field its laws have yet to catch up with modern laws concerning digital privacy. This has even led to a backlash from human rights group. In 2017, the Indian Supreme Court ruled that individual privacy is a fundamental right but the latest data protection bill which was introduced in parliament gives the Government the power to ask electronics based firms to hand over users’ data.

The Indian Railway’s facial recognition software will store a person’s face in the system for up to 30 days and will only be accessible to the Railway Protection force under an authorized person. According to Raman Jit Singh Chima, Access Now Director (an Asian digital rights group) the new system has been labeled “dangerous” since it did not reveal which third parties were involved and how data was handled or accessed.

Similar to railway stations, there are plans for including similar technology onboard trains as well, with security cameras being installed in 1,200 out of 58,000 carriages. The senior railway official also claimed that this was the only method through which a country like India with such a large population can be monitored and “policing has to be tech-based.”

UP NEXT: Samsung is making a Reusable Packaging Box to reduce pollution during product distribution

(Source,Via)

The post Indian Railways will use Facial Recognition technology despite Privacy Concerns being raised appeared first on Gizmochina.

A recent investigation has reportedly uncovered startling evidence that points to Avast, the antivirus software, collecting users’ browsing history data and selling it to third parties like Microsoft and Google.

The investigation was a joint effort from the Motherboard and PCMag that relied on leaked user data and other company documents to uncover the sale of private user data without user consent. Avast antivirus solutions are installed in nearly 435 million Windows, Mac and even mobile platforms globally. Reportedly, the company harvested users’ browsing history data via plugins and have been harvesting it for third party clients.

During the investigation, a document belonging to Jumpshot, an Avast subsidiary, was recovered. This detailed information regarding antivirus software which was installed on PC’s being capable of collecting data, which Jumpsht repackaged into multiple products that people bought for their computers. Reportedly, the names of clients potentially included industry giants like Google, Yelp, Microsoft, McKinsey, Pepsi, Sephora, Home Depot, Conde Nast, Intuit, and many others.

Editor’s Pick: Indian Apple users are one of the worst affected by macOS Malware Shlayer: Report

Since the report initially went public, Avast has stopped providing any browsing related data that is collected by extensions to Jumpshot. Furthermore, Jumpshot contracts have also been revealed which include dealings with a marketing firm that paid over $2 million for access to users’ browsing data in 2019.

Avast is being accused of tracking the exact date and time of when a user enters a website, alongside search history, and even keeping track of digital content like videos being viewed. This has raised a number of flags regarding the users being privy of this information. Currently, Avast is also being investigated for harvesting user data via its Antivirus software itself, apart from browser plugins.

UP NEXT: Samsung Galaxy S20 Official cases leaked, features LED, rugged design and see through covers

(Via)

The post Avast collected Users Browsing History Data and sold it to Google and Microsoft: Report appeared first on Gizmochina.

The short video making app, TikTok, is facing a lawsuit charge which claims that it harvests users’ data and sends it back to China. Reportedly, American users of the app have come forward with numerous allegations regarding its recent censorship misconduct as well. The Chinese social networking platform has denied these claims as it faces a national security probe in Washington.

Last week, a consumer class action lawsuit was filed against TikTok in California, USA. ByteDance, the Beijing-based company behind TikTok, is facing charges for harvesting user data without notice or consent and sending it back to China. Furthermore, it was also claimed in the lawsuit that the app “includes Chinese surveillance software.” This allowed it to access user data and send it to Chinese servers, including those run by Tencent and Alibaba Group Holdings.

Editor’s Pick: Qualcomm’s 3D Sonic Max fingerprint sensor can scan two fingers simultaneously

This arrives after a user in New Jersey was locked out of her TikTok account after posting a video spreading awareness of Beijing’s mass detention of Uighurs in Xinjiang. TikTok removed the video once it went viral and later claimed it was by mistake. Currently, TikTok’s parent company, ByteDance, is facing pressure from the US Government, facing an investigation by the Committee on Foreign Investment in the United States. CFIUS could force ByteDance to divest TikTok’s US operations if it is found that the company poses a national-security threat.

In the west, there is a pattern of increasing distrust over Chinese brands or those backed by Chinese companies. Huawei is one such example that faced similar allegations during the US-China trade disputes. Recently, TikTok claimed that it stores its US user data within the country and does not censor political content in line with Beijing’s instructions. Furthermore, ByteDance is reportedly considering moves to distance the TikTok brand from China.

UP NEXT: Qualcomm’s 3D Sonic Max fingerprint sensor can scan two fingers simultaneously

(Via)

The post TikTok Sued for Harvesting and sending user data to China appeared first on Gizmochina.

According to a new rule, any Chinese citizen registering for a new SIM card must submit facial recognition scans starting this Sunday. So for those that wish to register their new smartphones with their telecom operators in China, must now send facial scans from their devices to the said operator.

The guidelines were initial issued in September and require telecom companies to check the identities of individuals registering SIM cards through facial recognition and other technical methods. Notably, physical stores of the telecom operators had until 1st December to begin implementing the new standards in China.

The ministry of industry and information of China has described the new measures as a means to “protect the legitimate rights and interest of citizens in cyberspace.” But, this also makes the Chinese smartphone and internet users much easier to track and identify. At present, Chinese citizens already need to provide identity cards or passports to register a new SIM card. Furthermore, numerous social media platforms also require users to sign up with their “real-name-identities” via their phone numbers.

Editor’s Pick: Samsung to set up a new Chip Plant in Vietnam?

The new rule has already started raising security and privacy concerns as it employs in a wide field ranging from middle schools, concert venues to even public transport. Additionally, general unrest has plagued the public in regard to this decision due to the uncertainty of its regulations and standards; with lawsuits against the measure already surfacing.

The ministry has said the rule will protect citizens from phone scams and prevent the reselling of SIM cards as part of cybersecurity and anti-terrorism campaigns in China. However, human rights advocates described the new rule as another step towards a “dystopian surveillance state” where citizens are constantly monitored for dissent or signs of unrest.

UP NEXT: BOE AMOLED production to rise by 200% reaching 70 million units in 2020

(Via)

The post China now requires smartphone users to provide facial data to the Government appeared first on Gizmochina.

It appears that might be happening soon as there is a chance that pharmaceutical companies and advertisers who are interested in data about your personal health will soon have access to it.

According to a report jointly published by the Center for Digital Democracy (CDD) and American University, there is virtually no privacy measure in place to protect consumer health data, and companies who need such data are aware and plan to take advantage of it.

The report first lists the advantage there is to having a connected-health system such as personalized health insurance policies and better emergency services but states the system can also be taken advantage of. It goes on to say that since a lot of the health monitoring devices we wear are already being integrated into a growing Big Data digital health and marketing ecosystem, which is focused on gathering and monetizing personal health data in order to influence consumer behavior. If the system is allowed to grow and evolve without privacy checks in place, the nature and extent of data collected will be unprecedented.

CDD wants actions to be carried out to protect consumer health data abuse. They are requesting for collaborative efforts to develop a comprehensive approach to health privacy and consumer protection, using:

• Clear, enforceable standards for both the collection and use of information;
• Formal processes for assessing the benefits and risks of data use; and
• Stronger regulation of direct-to-consumer marketing by pharmaceutical companies.

READ MORE: Xiaomi Mi Band Sales Triples That of Apple Watch

While a number of people might not realize it yet, maybe due to the fact that only a small percentage of the world’s population uses a health monitoring device compared to smartphones but the earlier these protective measures are there, the better for the whole lot of us.

Source: Democraticmedia.org

The post We May Start Getting Ads Based on Data From Our Wearables appeared first on Gizmochina.