Topic: data deletion
-
DHS Held Chicago Police Records for Months, Violating Spy Rules
The Department of Homeland Security improperly retained Chicago Police Department records for seven months, violating intelligence oversight rules and raising surveillance concerns by keeping data on approximately 900 residents. The shared gang database was highly unreliable, containing errors li...
Read More » IAB Tech Lab Advances Privacy with GPP & DDRF Updates
The IAB Tech Lab has updated the Global Privacy Protocol (GPP) to include new state-level privacy laws and will transition to a twice-yearly update schedule starting in 2026 for better predictability. The Data Deletion Request Framework (DDRF) V2 introduces standardized formats and security measu...
Read More »-
Adobe Analytics Bug Exposed Customer Data to Other Users
A software bug during a system upgrade on September 17, 2025, caused Adobe Analytics to inadvertently share customer data across different organizational accounts, affecting 3-5% of collected data. The incident impacted multiple Adobe services, including Data Collection and Customer Journey Analy...
Read More » -
Hacker Uncovers Tesla Crash Data After Company Denied Its Existence
A hacker recovered critical crash data that Tesla had claimed did not exist in a wrongful death lawsuit, raising concerns about corporate transparency and data practices. Tesla initially stated no relevant information was available, specifically regarding the "collision snapshot" data crucial for...
Read More » -
Digital Opsec Guide: Protecting Teens Online
Protecting teens online requires understanding operational security principles to safeguard digital footprints from unintended exposure, as digital permanence can impact future relationships and opportunities. Effective digital security relies on compartmentalization, treating online activities a...
Read More » -
New Ransomware Encrypts Files with .enc, .iv, and .salt Extensions
A new ransomware strain encrypts files with .enc, .iv, and .salt extensions and demands Bitcoin payment to prevent public release of stolen data, claiming purely financial motives. The attackers emphasize their reputation for providing decryption tools and deleting data after payment to maintain ...
Read More » -
FTC Orders Illuminate to Delete Student Data in Landmark Settlement
The FTC has proposed a settlement requiring Illuminate Education to delete vast amounts of student data and overhaul its security, following a 2021 breach that compromised millions of students' sensitive information. The breach occurred due to inadequate security, including using a former employe...
Read More » -
Portugal's New Cybercrime Law Shields Security Researchers
Portugal has enacted a safe harbor law, exempting ethical cybersecurity research from prosecution if it is conducted responsibly and without seeking economic benefit. The law requires researchers to act proportionally, avoid harmful methods like data theft, and confidentially report vulnerabiliti...
Read More » -
Court Bans NSO From Using Pegasus Spyware on WhatsApp
A federal judge has permanently banned NSO Group from using Pegasus spyware to target WhatsApp users, stemming from a 2019 lawsuit by Meta over unauthorized surveillance of approximately 1,400 devices. The injunction prohibits NSO from targeting WhatsApp users or intercepting communications and r...
Read More » -
NY May Require TikTok, YouTube, and Instagram to Verify Users' Ages
New York's SAFE For Kids Act proposes that social media platforms verify user ages and restrict minors' access to algorithm-driven feeds and late-night notifications to protect youth mental health. The legislation requires platforms to use secure age verification methods, such as facial estimatio...
Read More »