Privacy News: September 20

Monitoring student protests, Privacy after Roe, and more!

Privacy News: September 20

Tracked: How Colleges Use AI To Monitor Student Protests

Arijit Douglas Sen and Derêka Bennett, Dallas Morning News / Pulitzer Center's AI Accountability Network (pulitzercenter.org)

Social Sentinel (now known as Navigate360 Detect) offers schools colleges technology to scan social media posts from students.   The company positions it as a life-saving tool to help students at risk of harming themselves or others, and according to its CEO one in four K-12 schools uses it.  But despite publicly saying its service was not a surveillance tool, "Social Sentinel representatives promoted the tool to universities for “mitigating” and “forestalling” protests." What could possibly go wrong?

During demonstrations over a Confederate statue at UNC-Chapel Hill, a Social Sentinel employee entered keywords into the company’s monitoring tool to find posts related to the protests. At Kennesaw State University in Georgia five years ago, authorities used the service to track protesters at a town hall with a U.S. senator, records show. And at North Carolina A&T, a campus official told a Social Sentinel employee to enter keywords to find posts related to a cheerleader’s allegation that the school mishandled her rape complaint.

Privacy After Roe

OPEN LETTER: Make DMs Safe

on Fight for the Future (makedmssafe.com)

An  open letter assking Facebook, Twitter, Google, Apple, Slack and other companies with  messaging platforms to protect our private messages and implement default end-to-end encryption immediately.

Facebook recently handed over direct messages between a mom and her teenage daughter to police. Now they’re being prosecuted under the state’s anti-abortion law. In an increasingly dangerous world, there’s one simple thing every messaging platform must do right now: make our messages safe using end-to-end encryption.
TAKE ACTION:
Add your signature to the open letter.

Meta faces mounting questions from Congress on health data privacy as hospitals remove Facebook tracker

Megan Molteni on STAT (statnews.com)

Meta faces mounting questions from Congress after an investigation by @TheMarkup, co-published with STAT, found its tracking tool collecting sensitive information on hospital websites.

The Data Broker Caught Running Anti-Abortion Ads—to People Sitting in Clinics

Justin Sherman on Lawfare (lawfareblog.com)

In 2015, a data broker helped anti-abortion groups target women in clinic waiting rooms. The Massachusetts attorney general decided to act.

Third-Party Tracking on Abortion Clinic Websites Sparks Data Privacy Concerns

Jill McKeon on healthitsecurity.com

Researchers analyzed abortion clinic websites and found third-party tracking tools on 99% of them, raising data privacy concerns.

Oregon, other U.S. senators push for privacy for women seeking reproductive health care

Lynne Terry on Oregon Capital Chronicle (oregoncapitalchronicle.com)

Nearly 30 U.S. senators wrote to the U.S. Department of Human Services on Tuesday urging it to enact privacy protections for abortions.

State privacy legislation

Michigan, Ohio, and Pennsylvania Consider Data Privacy Legislation

Jeffrey M. Csercsevits © Fisher Phillips on SHRM (shrm.org)

State governments are continuing to propose and adopt legislation that requires businesses to ensure privacy rights for consumers. Businesses operating in Michigan, Ohio, and Pennsylvania should prepare for potential new laws.

Key Dates from US Comprehensive State Privacy Laws

on iapp.org

The IAPP created a timeline of key dates from the comprehensive data privacy laws in California, Colorado, Connecticut, Utah and Virginia.

And ...

Detroit Cops Want $7 Million in Covid Relief Money for Surveillance Microphones

Sam Biddle on The Intercept (theintercept.com)

The company behind the mics, ShotSpotter, is going all out to guide police stations across the country on how to use relief money for the controversial technology.

Distinguished Lecture with Danielle Citron, October 5| The Fight for Privacy: Protecting Dignity, Identity, and Love in the Digital Age

University of Washington Tech Policy Lab  (techpolicylab.uw.edu)

Clearview AI, Used by Police to Find Criminals, Now in Public Defenders’ Hands

on NYTimes (nytimes.com)

After a Florida man was accused of vehicular homicide, his lawyer used Clearview AI’s facial recognition software to prove his innocence. But other defense lawyers say Clearview’s offer rings hollow.

More Bosses Are Spying on Quiet Quitters. It Could Backfire.

Christopher Mims on WSJ (wsj.com)

The tools companies use to monitor their employees can fall short of their promises, and even be counterproductive.

How to Ditch Facebook Without Losing Your Friends (Or Family, Customers or Communities)

Cory Doctorow on Electronic Frontier Foundation (eff.org)

Today, we launch “How to Ditch Facebook Without Losing Your Friends” - a narrated slideshow and essay explaining how Facebook locks in its users, how interoperability can free them, and what it would feel like to use an “interoperable Facebook” of the future, such as the one contemplated by the US..…

Going incognito: How we can protect our privacy in the metaverse

Louis Rosenberg, Unanimous A.I. on VentureBeat (venturebeat.com)

There’s no “incognito mode” in the metaverse to conceal personal information, but researchers are building a tool to protect users’ privacy.

This Ad’s for You (Not Your Neighbor)

on NYTimes (nytimes.com)

Data mining plus streaming can target political ads household by household, largely unregulated.

Google, Microsoft can get your passwords via web browser’s spellcheck

Ax Sharma on BleepingComputer (bleepingcomputer.com)

Enhanced Spellcheck features in Google Chrome and Microsoft Edge web browsers transmit form data, including personally identifiable information (PII) and in some cases, passwords, to Google and Microsoft respectively.

Indonesia set to pass new data privacy law after spate of leaks

Bloomberg on DIGITIMES Inc. (digitimes.com)

Data operators could face up to five years in jail and a maximum fine of IDR5 billion (US$337,000) for leaking or misusing private information, according to Indonesia’s new data privacy bill set to be passed by parliament this week.

Rights Groups to FTC’s Lina Khan: Please Kill Amazon’s iRobot Acquisition

The A.V. Club on Gizmodo (gizmodo.com)

More than two dozen groups singed an open letter claiming the deal could “endanger fair competition,” and jeopardize consumer privacy.

The Right to Privacy in Modern Discovery: a review of another great law review article – Part 3

Ralph Losey on JD Supra (jdsupra.com)

This is the conclusion of the blog, The Right to Privacy in Modern Discovery: a review of another great law review article.

The Subjects and Stages of AI Dataset Development: A Framework for Dataset Accountability

See all articles by Mehtab Khan on papers.ssrn.com

There has been increased attention toward the datasets that are used to train and build AI technologies from the computer science and social science research co

EDPB, EDPS: Lack of resources may bring ‘weakened’ EU GDPR enforcement

on International Association of Privacy Professionals (iapp.org)

The EDPB and EDPS joined on a letter to European Parliament and the Council of the European Union urging increased funding to ensure proper GDPR enforcement.

Google, Meta fined $71.8M for violating privacy law in South Korea

Kate Park on TechCrunch (techcrunch.com)

South Korea has hit Google and Meta with a fine of ~$71.8 million (100 billion KRW) after finding they violated the country’s privacy law, the country’s authorities said on Wednesday. The watchdog said in its statement that Google and Meta did not receive legitimate consent in the process of collecting information from users who visit their websites and use other websites as well as apps for customized advertisements.

FIND OUT MORE: S.Korea fines Google, Meta billions of won for privacy violations, Soo-Hyang Choi on Reuters (reuters.com)

EDPB adopts statement on European Police Cooperation Code & picks topic for next coordinated action

on European Data Protection Board (edpb.europa.eu)

San Francisco sued by woman who says her rape-kit DNA was used to arrest her

Jon Brodkin on Ars Technica (arstechnica.com)

Jane Doe “was re-victimized by this unconstitutional practice,” lawsuit says.

Proposal to put open arrest warrants online sparks privacy, racism concerns

Dana DiFilippo on New Jersey Monitor (newjerseymonitor.com)

Watchdogs worry about the misuse of a plan proposed by a lawmaker that would create a public database of outstanding arrest warrants.