Privacy Expert Urges Policy Overhaul to Combat Data Brokers’ Practices

Privacy expert Yael Grauer, known for creating the Big Ass Data Broker Opt-Out List (BADBOOL), has a message for those frustrated with the endless cycle of removing personal data from brokers’ databases: push lawmakers to implement meaningful policy reforms. Speaking at the ShmooCon security conference, Grauer likened the process of opting out to an unwinnable game of Whac-A-Mole, where users must repeatedly fend off new threats to their data privacy. 

Grauer’s BADBOOL guide has served as a resource since 2017, offering opt-out instructions for numerous data brokers. These entities sell personal information to advertisers, insurers, law enforcement, and even federal agencies. Despite such efforts, the sheer number of brokers and their data sources makes it nearly impossible to achieve a permanent opt-out. Commercial data-removal services like DeleteMe offer to simplify this task, but Grauer’s research for Consumer Reports found them less effective than advertised. 

The study, released in August, gave its highest ratings to Optery and EasyOptOuts, but even these platforms left gaps. “None of these services cover everything,” Grauer warned, emphasizing that even privacy experts struggle to protect their data. Grauer stressed the need for systemic solutions, pointing to state-led initiatives like California’s Delete Act. This legislation aims to create a universal opt-out system through a state-run data broker registry. While similar proposals have surfaced at the federal level, Congress has repeatedly failed to pass comprehensive privacy laws. 

Other states have implemented statutes like Maryland’s Online Data Privacy Act, which restricts the sale of sensitive data. However, these laws often allow brokers to deal in publicly available information, such as home addresses found on property-tax sites. Grauer criticized these carve-outs, noting that they undermine broader privacy protections. One promising development is the Consumer Financial Protection Bureau’s (CFPB) proposal to classify data brokers as consumer reporting agencies under the Fair Credit Reporting Act. 

This designation would impose stricter controls on their operations. Grauer urged attendees to voice their support for this initiative through the CFPB’s public-comments form, open until March 3. Despite these efforts, Grauer expressed skepticism about Congress’s ability to act. She warned of political opposition to the CFPB itself, citing calls from conservative groups and influential figures to dismantle the agency. 

Grauer encouraged attendees to engage with their representatives to protect this regulatory body and advocate for robust privacy legislation. Ultimately, Grauer argued, achieving meaningful privacy protections will require collective action, from influencing policymakers to supporting state and federal initiatives aimed at curbing data brokers’ pervasive reach.

How Incogni Helps Protect Your Digital Privacy and Reduces Spam

 

Managing unwanted spam messages, calls, and emails has become a necessary part of online life today. Beyond annoyance, these can lead to identity theft, financial fraud, and other issues. Much of this activity is driven by advertisers and marketing companies, which rely on data brokers who collect, store, and sell personal data for profit. In response, data removal services like Incogni have emerged to protect online privacy. Developed by Surfshark, Incogni uses automation to simplify and expedite the process of deleting personal data from these brokers’ databases. 

Incogni is designed for ease of use and requires minimal user intervention. Users authorize Incogni to handle the data removal requests with just a few initial steps. Once signed up, Incogni handles the technical legwork of filing removal requests with data brokers on the user’s behalf. It also regularly re-checks databases to ensure that data brokers don’t re-acquire the user’s information, providing ongoing protection. Incogni then tracks and organizes each request through a clean, user-friendly dashboard that categorizes requests by status, such as “sent,” “in progress,” or “completed.” The demand for Incogni reflects growing concerns over the security of personal information. When sensitive data is leaked or accessed by malicious actors, the consequences can be severe, ranging from identity theft to financial fraud.

For many, manually contacting data brokers is too complex and time-consuming. Incogni’s automation offers an efficient alternative, saving users considerable effort while giving them peace of mind about their digital privacy. Incogni is available as a standalone service, but it can also be bundled with Surfshark’s other cybersecurity tools, such as real-time data breach alerts, antivirus software, and an ad blocker, under the Surfshark One+ plan. Incogni’s appeal is in its accessibility and price. Competing data removal services like DeleteMe, Optery, Kanary, and Privacy Bee offer similar features but are often more expensive or complex. DeleteMe, for example, tracks a larger list of brokers but is more costly. Incogni balances affordability with essential functionality, making it a practical choice for users who want effective, no-frills data removal. 

This service is ideal for people who receive excessive spam or have concerns about personal information being exposed in a data breach. Additionally, for anyone who has already faced cybercrime, Incogni helps reduce ongoing risks by limiting the spread of their personal data online. While Incogni lacks some detailed tracking features offered by its competitors, it remains highly effective at what it does, making it a convenient option for most users. With an emphasis on simplicity, Incogni lets users reclaim privacy without extensive technical knowledge, automating much of the process. By reducing users’ digital footprint and preventing misuse of their information, Incogni offers an efficient layer of security in a landscape where personal data is frequently at risk.

Data Collection: What are Some ‘Unlikable’ Traits in This Growing Trend?


One consequence of the pandemic for many B2B2C manufacturers was a change in how they interact with their clients. Numerous manufacturing brands in consumer packaged goods (CPG), fashion, equipment, etc. understood the advantages of implementing a direct-to-consumer approach when the retail shops that would ordinarily distribute their products were shut down.

Due to their business model, which involved selling their goods via resellers, these businesses have typically had little contact with the final consumer. However, several manufacturers smartly constructed digital experiences to interact with, sell to, and gather data from their customers directly as a result of resellers being closed or operating at reduced capacity.

Data that was previously gathered and owned by resellers or intermediaries was suddenly made directly available to manufacturers to profit and learn from. This opened up new revenue streams: charging other organizations for the data, using it to cross-sell or upsell products, or making the customer experience less complicated.

For all the likable traits of data collection, however, certain risks come with it. These risks include not only data hacks, malware or data theft but also exploitation of the collected data, which may lead to damage to the brand or even legal challenges for an organization.

To minimize the damaging consequences, organizations are advised to develop a proactive ethical framework, rather than rely on reactive measures, to govern the use of technology and data. These principles create a foundation of security and respect for clients, reducing consumer harm.

Moreover, with the evolution of cyber threats, the previously admired strategies are now outdated. There is no longer a secure border or barrier. Through the use of security-in-depth techniques like encrypted communications, segregated areas, granular authentication and authorization, and sophisticated intrusion detection systems, system design should enable risk management and security enforcement across the whole architecture.

Lastly, manufacturers are also urged to reconsider their views on data in order to address privacy effectively. In particular, they ought to give top priority to well-considered governance systems that allow for informed decision-making about data collection, access, and utilization. By designating data owners, manufacturers could guarantee that data is treated properly and ethically. For enterprises, a solid governance framework is important for safeguarding user data and privacy.

19-Year-Old Arrested for Using Leaked Optus Breach Data in SMS Scam

The Australian Federal Police (AFP) took a 19-year-old into custody for allegedly attempting to use the data leaked in the Optus data breach late last month to extort victims.

Officials said that the accused was running a text message blackmail scam, asking victims to transfer $2,000 to a bank account or risk having their personal information misused for fraudulent activities. Credentials of almost 10 million customers were exposed in the Optus breach, including millions of passports, Medicare numbers, and driver’s licenses.

This attack raised questions as to why multiple organizations need to collect and store so much personal data of customers. Following the incident, the government of Australia is now considering developing a single digital identification service that businesses could use instead. However, the public is questioning this development. 

“Within the audit’s remit is to consider how myGov can deliver seamless services that will frequently involve private enterprise service providers. This would prevent the need for citizens to provide sensitive data multiple times to multiple entities,” Shorten’s spokesperson said.

According to the police, they have collected a sample database of 10,200 records that an actor named "optusdata" briefly posted on a cybercrime forum accessible on the clearnet before taking it down.

The AFP added that a search warrant was executed at the home of the offender, during which officers seized a mobile phone used to send text messages to about 93 Optus customers.

"At this stage, it appears none of the individuals who received the text message transferred money to the account," the statement reads. 

The offender has been charged with using a telecommunication network with the intent to commit a serious offense and with dealing with identification information. In both cases, the offender has to spend 10 and 7 years in imprisonment, respectively.