Nevada’s new online data privacy law, SB 220, is effective now. SB 220, or “An Act Relating to Internet Privacy”, is really nothing more than an opt-out law, allowing Nevada residents to opt-out of the sale of their personal data by the operators of websites which collect that personally identifiable information (PII).

If you have a Canva account, you can be forgiven for not knowing that it was breached, as not all, if any, Canva users got a notification from Canva about the breach, even though more than 136million users had their private information compromised. So you may be wondering how to cancel, deactivate, and delete your Canva account.

The same data uploads and downloads that make Teslas dream cars for some Tesla owners also may make them security hell for all Tesla drivers. That’s because Tesla vehicles are big, wheeled Internet of Things devices.

A newly proposed Federal law, if enacted, will extract large fines from Credit Reporting Agencies that experience data breaches, and will also establish an Office of Cybersecurity at the Federal Trace Commission.

Legislation introduced in Washington would make the practice of using so-called ‘dark patterns’ illegal. The bipartisan (!) bill is called the DETOUR Act, and stands for the Deceptive Experiences To Online Users Reduction (DETOUR) Act. Dark patterns are web interface designs created to manipulate users into taking actions and providing data that they otherwise wouldn’t. Dark patterns are based on behavioral psychology.

There is a groundswell of GDPR-like privacy legislation being introduced in several states, with laws to protect the privacy of online personal information and data being introduced in Washington, Massachusetts, Maryland, New York, Rhode Island and Hawaii.

While in the news currently, geofence warrants (also referred to as ‘geo-fence warrants’) are nothing new (and our article includes a real example of a geofence warrant). We first wrote about geofence warrants and how Google is providing law enforcement agencies with lists of devices it has identified as being in the area of a crime scene at the time of the crime almost exactly 3 years ago to the day. Once serving the geofence warrant, and receiving the data from Google’s massive device location database called Sensorvault, law enforcement agencies can then create lists of possible suspects and witnesses, all based on their knowing that the person was simply in the area, based on the tracking of their device.

AT T has started tagging telemarketer calls, so that if you have AT T and receive a telemarketing call, you will instantly know that is what it is. Concurrently, AT T and Comcast have announced a new Caller ID technology partnership which they are calling an “anti-robocalling milestone”, and in which calls that are authenticated and verified will show that the caller is verified.

In 2010 Mark Zuckerberg (in)famously announced that “Privacy was no longer the social norm.” That was when Facebook reset (relaxed) the privacy settings for all of their users. So the Internet sat up and took notice when yesterday Mark Zuckerberg said “I believe we should be working towards a world where people can speak privately and live freely knowing that their information will only be seen by who they want to see it.”

It all started with a seemingly innocent Google blog post earlier this month, in which Google announced that their ‘Hey Google’ Google Assistant was ready to go live on Nest Secure Nest Guard home security devices. Then people started having that ‘waaaait a minute…’ moment: this meant that there had to be a microphone in that Nest Guard device.

More than 25million people in the U.S. have installed an Echo, Echo Dot, or Echo Look in their home or office. And still, very few understand that every time you tell Alexa to do something, Amazon is recording, storing, and using your voice commands. Here’s exactly what and how Amazon is recording, storing, and using what you say, and how to delete those recordings.

The Association of National Advertisers (ANA) admitted this week that it had suffered a data breach last August through October (2018), about which it learned last October (2018), but which it only advised those affected this week (the last week of January, 2019). Consider these dates when also considering the fact that just last month (December 2018, two months after ANA knew about the data breach) ANA was pushing back, hard, against legislation regarding more stringent requirements for – wait for it – notification of data breaches.

In the past 24 hours it was revealed, and then admitted by Apple, that a bug in the FaceTime app was allowing FaceTime callers to listen in on the audio of what was going on around the recipient’s device before the recipient picked up the call. And if the recipient pressed the button to reject the call, instead of ending the call it would start broadcasting video from the recipient’s device as well!

Facebook has, perhaps unintentionally, revealed that they are analyzing all of your images, taking note of the content of those images, and using what they find to further their reach.

Facebook has announced that up to 1500 third-party Facebook apps had access to user photos that they were not supposed to be able to access – including unpublished photos. The self-inflicted privacy hole was due to a ‘bug’ in the Facebook photo API which, Facebook says, granted the apps unpermitted access to the photos of as many as 6.8 million Facebook users for 12 days in September of 2018.