Privacy

Over the last few years, the website Have I Been Pwned (HIBP) has given people the chance to check whether their personal data was compromised in any data breaches. Now the site reveals that the UK and Australian governments are using its services to monitor official domains.

That governments should check the site's database for the presence of their own email addresses is perhaps not surprising -- it's used by just about every type of body imaginable. But now the mechanics have been opened up for these two governments.

A thread appeared on Reddit yesterday in which Xbox One users say Microsoft is revealing their real names online, despite the fact they have configured their settings to block this from happening.

The thread has already gained a large number of comments. Microsoft got involved saying that it was actively investigating the issue which some gamers are describing as a serious breach of privacy and security. Almost 24 hours later, the matter may be resolved.

There are only days until Apple begins storing the data of Chinese iCloud users within China, and concern is mounting about the human rights and privacy implications.

A new data center is due to open in China at the end of this month as Apple moves to comply with Chinese authorities. It means that iCloud data such as text messages, photos and emails will be stored in China -- as will the cryptographic keys required to access the data. These keys had previously been stored in the US.

Samsung has revealed a new, free Android app -- Samsung Max, which it says is "designed to promote mobile data savings and application privacy management". The app replaces Opera Max and anyone with this app currently installed should find that it automatically updates to Samsung Max.

While Opera Max included a fully-fledged VPN tool, Samsung Max downgrades this to a DNS-masking service. There are, however, other security and privacy options, as well as tools for reducing data usage.

Just last week Facebook was hit with the news that its privacy settings -- as well as the way the company uses personal data -- are illegal in Germany. Now the social network has been threatened with fines for tracking people through third-party websites.

The tracking affects even people who do not have a Facebook account, and this is something that a Belgian court took exception to. Belgium's privacy watchdog also told Facebook to delete data that had been illegally collected about Belgian citizens.

Facebook and privacy are not words that really belong in the same sentence, so the idea that the social network is offering a VPN tool might well raise your suspicions. Back in 2013, Facebook acquired Onavo, the company behind the VPN tool Protect.

Recently, users of the Facebook iOS app noticed a link to something labelled Protect within settings. While this appears to be a built-in setting, it is in fact just a link to the Onavo Protect VPN app -- and the idea of a Facebook-owned VPN tool being promoted from within the Facebook app has people concerned. Take a look at the app description, and you may well understand why.

Facebook is no stranger to privacy-related controversy, and now a German court has ruled that the social networks' use of personal data is illegal. The court in Berlin also said that Facebook's default privacy settings violate German consumer law.

The case was brought by the federation of German consumer organisations (VZBV) which said Facebook failed to provide its users with sufficient information, and also that people were automatically opted into features.

There are many reasons for turning to VPN software, but anonymity and hiding one's location are pretty high up the list. A newly-discovered flaw in the popular free VPN Hotspot Shield, however, means that it is possible to determine key pieces of information about users.

The VPN -- produced by AnchorFree -- is used by 500 million people around the world, and security researchers have discovered a vulnerability (CVE-2018-6460) that means it is technically possible to home in on the location of an individual using the service.

With the EU's GDPR legislation coming into force in a few months, and new and potentially tougher legislation on data breaches planned in the US, a new study reveals that many enterprises are under prepared.

The report from integrity assurance company Tripwire shows that less than a fifth (18 percent) say that they are fully prepared with a process in place to notify consumers in the event of a data breach. The majority (73 percent) say they are 'somewhat prepared' and would have to figure things out 'on the fly.'

Judges have ruled that the UK government's digital surveillance program -- known variously as the Snooper's Charter and the Investigatory Powers Act -- is illegal.

In the case brought by human rights group Liberty, appeal judges found that the preceding Data Retention and Investigatory Powers Act 2014 (DRIPA) -- which ultimately became the Snooper's Charter -- failed to offer adequate protection to people's data. Of particular concern was the fact that private data could be shared between different agencies without sufficient oversight.

Military personal who used the fitness app Strava have unwittingly contributed to revealing the location of secret army bases around the world. Strava published a "heatmap" of global user activity in November, and from this data visualization the location of secret military bases was accidentally exposed.

The company argues that the information had already been made public by users who chose to share their location data. It goes on to suggest that military users might want to consider opting out of the heatmap feature of the iOS and Android app.

Facebook has published its privacy principles for the first time, ahead of the European Union's general data protection regulation (GDPR) which comes into force on May 25 -- although the company is pitching it as being part of Data Privacy Day.

On top of this, the social network has also detailed plans to use videos to educate its users about privacy. The videos will explain how to control who has access to personal data, as well as how to manage the data Facebook uses to control the ads it shows users.

Phone-maker OnePlus has had a tough time of things in the press recently with claims about users' clipboard data being mined, and the problems following a credit card breach. A second suggestion that the company was sending clipboard data back to China surfaced recently, but the company has been quick to deny any wrongdoing.

Suspicions were raised when a OnePlus user noticed a file called badwords.txt which includes a list of words such as "chairman," "private message" and "address."

Ahead of this Sunday's (January 28) Data Privacy Day, enterprise cyber security company Tripwire has conducted a poll of Twitter users asking who they were most concerned about collecting their private information.

Of the more than 300 people who took part, 40 percent say they would be most worried about corporations stealing their information. While nearly a third (27 percent) say they are most concerned about the government gathering their critical data.

When Microsoft first launched Windows 10 back in 2015, one of the big complaints people had about the new operating system was that it spied on users. Really spied on them.

Following the inevitable backlash, the software giant has reigned in this snooping with each new feature update, and the next big release -- codenamed Redstone 4 -- will take things further when it arrives in a few months' time.