Privacy

Subterms

    Latest story

    138 Shares25 Views

    Many Lawmakers Share Their Home Addresses. Political Violence Is Changing That.

    by

    The Minnesota assassination is causing some state legislators to rethink home security and how much personal information they make public.When an assassin visited the homes of two Minnesota lawmakers on Saturday, it exposed the longstanding tension between a public official’s accessibility and their security.Both State Representative Melissa Hortman, who along with her husband Mark was killed, and State Senator John A. Hoffman, who along with his wife Yvette was wounded, readily shared their home addresses with constituents. Ms. Hortman’s address was listed on her campaign website, and Mr. Hoffman’s address had been listed on his official legislative webpage, a common practice in many states.But in the hours after the shootings, while police officers were still searching for the assassin, lawmakers across the country began to rethink their approach to privacy and safety. The Michigan State Police held security briefings for legislators. The police in Fairfax County, Va., increased patrols around lawmakers’ homes. And in North Dakota, officials decided by midday Saturday to scrub home addresses from legislator biography pages.“In light of the tragedy in Minnesota, we quickly decided to remove all addresses until our leaders have time to assess the proper balance between transparency and safety of our elected officials,” John D. Bjornson, the director of the North Dakota Legislative Council, said in an email.In interviews with lawmakers across the country, some said sharing their home address helped reassure constituents that they were part of the community and could be easily reached. But unlike governors and presidents, most state lawmakers have no special security protection when they are away from work. The country’s coarsening public discourse has left them to weigh difficult trade-offs.“Part of the reason why my address is easily found is to make it clear that I actually live in my district,” said Stephanie Sawyer Clayton, a Democratic state representative in Kansas. “If you have a P.O. box, you don’t look authentic, right?”We are having trouble retrieving the article content.Please enable JavaScript in your browser settings.Thank you for your patience while we verify access. If you are in Reader mode please exit and log into your Times account, or subscribe for all of The Times.Thank you for your patience while we verify access.Already a subscriber? Log in.Want all of The Times? Subscribe. More

    More stories

    • 163 Shares100 Views

      in US Politics

      US supreme court rules Doge can access social security data during legal challenge

      by

      The US supreme court on Friday permitted the so-called “department of government efficiency” (Doge), a key player in Donald Trump’s drive to slash the federal workforce, broad access to the personal information of millions of Americans in Social Security Administration data systems while a legal challenge plays out.At the request of the justice department, the justices put on hold Maryland-based US district judge Ellen Hollander’s order that had largely blocked Doge’s access to “personally identifiable information” in data such as medical and financial records while litigation proceeds in a lower court. Hollander found that allowing Doge unfettered access likely would violate a federal privacy law.The court’s brief, unsigned order did not provide a rationale for siding with Doge. The court has a 6-3 conservative majority. Its three liberal justices dissented.Doge swept through federal agencies as part of the Republican president’s effort, spearheaded by billionaire Elon Musk, to eliminate federal jobs, downsize and reshape the US government and root out what they see as wasteful spending. Musk formally ended his government work on 30 May.Two labor unions and an advocacy group sued to stop Doge from accessing sensitive data at the SSA, including social security numbers, bank account data, tax information, earnings history and immigration records.The agency is a major provider of government benefits, sending checks each month to more than 70 million recipients, including retirees and disabled Americans.In their lawsuit, the plaintiffs argued that the SSA had been “ransacked” and that Doge members had been installed without proper vetting or training and had demanded access to some of the agency’s most sensitive data systems.Hollander in a 17 April ruling found that Doge had failed to explain why its stated mission required “unprecedented, unfettered access to virtually SSA’s entire data systems”.“For some 90 years, SSA has been guided by the foundational principle of an expectation of privacy with respect to its records,” Hollander wrote. “This case exposes a wide fissure in the foundation.”Hollander issued a preliminary injunction that prohibited Doge staffers and anyone working with them from accessing data containing personal information, with narrow exceptions. The judge’s ruling did allow Doge affiliates to access data that had been stripped of private information as long as those seeking access had gone through the proper training and passed background checks.Hollander also ordered Doge affiliates to “disgorge and delete” any personal information already in their possession.Based in Richmond, Virginia, the fourth US circuit court of appeals in a 9-6 vote declined on 30 April to pause Hollander’s block on Doge’s unlimited access to SSA records.Justice department lawyers in their supreme court filing characterized Hollander’s order as judicial overreach.“The district court is forcing the executive branch to stop employees charged with modernizing government information systems from accessing the data in those systems because, in the court’s judgment, those employees do not ‘need’ such access,” they wrote.The six dissenting judges wrote that the case should have been treated the same as one in which a fourth circuit panel ruled 2-1 to allow Doge to access data at the US treasury and education departments and the office of personnel management.In a concurring opinion, seven judges who ruled against Doge wrote that the case involving social security data was “substantially stronger” with “vastly greater stakes”, citing “detailed and profoundly sensitive Social Security records”, such as family court and school records of children, mental health treatment records and credit card information. More

    • 100 Shares157 Views

      in Elections

      Victoria’s Secret Takes Down Website After Security Breach

      by

      The cyberattack disrupted online sales for days and sent the lingerie company’s share price lower.Victoria’s Secret’s website remained offline on Thursday, days after the lingerie company was hit by a cyberattack that has disrupted its online sales and sent its stock price lower.The company said that it had taken its website and some in-store services down as a precaution, with teams working around the clock to restore operations. Its physical stores remained open.As of Thursday morning, Victoria’s Secret’s share price had fallen 8 percent since Tuesday. The company did not confirm when the security incident took place, but shoppers reported seeing effects of the outage on social media earlier this week. It was unclear who perpetrated the attack on Victoria’s Secret, which is based in Reynoldsburg, Ohio.The cyberattack was the latest example of a high-profile digital breach at a major retailer, raising questions about companies’ preparedness and the security of customer data.Earlier this month, Marks & Spencer, the large British retailer, was hit by a cyberattack that left the company unable to process online orders for weeks. The company told customers that some personal customer data had been taken, though not usable card or payment details or account passwords. It said there was no evidence that the data had been shared, but said it was prompting customers to change their passwords regardless.Also in late April, Harrods, the luxury department store based in Britain, experienced brief disruptions, restricting internet access at its sites as a security measure.Ransomware attacks, which can disrupt services in addition to stealing customer data, have increased in recent years. Organizations across sectors have been targeted, including hospitals.Cody Barrow, the chief executive of Eclectic IQ, a cybersecurity services company, said the attack on Victoria’s Secret could underscore the vulnerability of retailers, many of whom rely on third party systems, such as payment providers.“To me what it says is that retailers are still not segmenting systems well enough to contain incidents,” Mr. Barrow said. “Third parties are the biggest blind spot right now, especially for retailers.” More

    • 138 Shares189 Views

      in Elections

      Google Agrees to Pay $1.4 Billion to Settle 2 Privacy Lawsuits

      by

      The Texas attorney general brought the cases in 2022 under state laws.Google agreed to pay $1.4 billion to the State of Texas on Friday to settle two lawsuits accusing it of violating the privacy of state residents by tracking their locations and searches, as well as collecting their facial recognition information.The state’s attorney general, Ken Paxton, who secured the settlement, brought the suits in 2022 under Texas laws related to data privacy and deceptive trade practices. Less than a year ago, he reached a $1.4 billion settlement with Meta, the parent company of Facebook and Instagram, over allegations it had illegally tagged users’ faces on its site.Google’s settlement is the latest legal setback for the tech giant. Over the past two years, Google has lost a string of antitrust cases after being found to have a monopoly over its app store, search engine and advertising technology. It has spent the past three weeks in the search case trying to fend off a U.S. government request to break up its business.“Big Tech is not above the law,” Mr. Paxton said in a statement.José Castañeda, a Google spokesman, said the company had already changed its product policies. “This settles a raft of old claims, many of which have already been resolved elsewhere,” he said.Privacy issues have become a major source of tension between tech giants and regulators in recent years. In the absence of a federal privacy law, states such as Texas and Washington have passed laws to curb the collection of facial, voice and other biometric data.Google and Meta have been the highest-profile companies challenged under those laws. Texas’ law, called Capture or Use of Biometric Identifier, requires companies to ask permission before using features like facial or voice recognition technologies. The law allows the state to impose damages of up to $25,000 per violation.The lawsuit filed under that law focused on the Google Photos app, which allowed people to search for photos of a particular person; Google’s Next camera, which could send alerts when it recognized visitors at a door; and Google Assistant, a virtual assistant that could learn up to six users’ voices and answer their questions.Mr. Paxton filed a separate lawsuit that accused Google of misleading Texans by tracking their personal location data, even after they thought they had disabled that feature. He added a complaint to that suit alleging that Google’s private browsing setting, which it called Incognito mode, wasn’t actually private. Those cases were brought under Texas’ Deceptive Trade Practices Act. More

    • 175 Shares149 Views

      in US Politics

      Opt out: how to protect your data and privacy if you own a Tesla

      by

      Welcome to Opt Out, a semi-regular column in which we help you navigate your online privacy and show you how to say no to surveillance. The last column covered how to protect your phone and data privacy at the US border. If you’d like to skip to a section about a particular tip, click the “Jump to” menu at the top of this article.At the press of a button, your Tesla pulls itself out of parking spot with no one behind the wheel using a feature called Summon. It drives itself on highways using Autopilot. When you arrive at your destination, it can record nearby activity while parked with a feature called Sentry Mode.To effectively operate any of these features, your car needs to monitor and collect a large amount of data about you. Most Tesla vehicles come equipped with nine internal and external cameras. Information from your Tesla, delivered via location trackers, sensors and more, can paint an intricate picture of your life and movement.“Teslas are truly rolling surveillance platforms,” said John Davisson, a senior counsel and director of litigation at digital rights research group Electronic Privacy Information Center. “There are some privacy safeguards that Tesla offers that at least allow you, on the face of the settings, to opt out of data sharing … provided that Tesla is actually following through on those commitments.”Tesla isn’t alone in collecting a considerable amount of data to enable a suite of advanced features on your vehicle. Any connected car collects some level of information to operate. Some Tesla owners are newly concerned, given CEO Elon Musk’s role in Donald Trump’s administration.Those concerns are not entirely unfounded, according to Reem Suleiman, the director of advocacy at Mozilla Foundation, which gave Tesla a “privacy not included” grade in its assessment of the carmaker’s data security practices. For one, the company’s track record of protecting user data is shaky. In 2023, a Reuters investigation found that employees were sharing sensitive footage that vehicles captured in internal messaging forums. A Washington Post analysis of transparency reports published by Twitter and then X after Musk took over likewise showed that X acquiesced to 20% more government requests to remove content in just the first half of 2024 than Twitter did in all of 2021 – the last time the company published the transparency report.We spoke to privacy experts, consulted Tesla’s privacy policy and even asked Tesla’s own AI chatbot how to share the least amount of data with Tesla as possible. If you own a Tesla, there are some precautions you can and, in many cases, should take with regards to your vehicle. But be forewarned: adjusting these settings so that you share the least possible amount of data with Tesla will shut off access to many of your car’s functions.“They pretty much say that, if you choose to opt out of data collection, then your car is essentially a lemon,” Suleiman said. “They essentially say that your vehicle can have reduced functionality, serious damage or inoperability. So it’s kind of a non-choice, when you think about it.”Here’s what you need to know about your privacy in Tesla vehicles:What information is your Tesla collecting about you?Tesla’s privacy policy details a wide swath of data that its vehicles collect – most of which is stored locally but is also sent to the company unless you change your settings.According to Tesla’s AI chatbot, information collected on you includes: “location data (although Tesla doesn’t record or store vehicle-specific GPS information, except in the case of a crash); driving habits and behaviors (such as speed, braking patterns, and acceleration); diagnostic and vehicle usage data (to help improve Tesla’s products and services); infotainment system data (like browsing history and voice commands) and Autopilot data (camera recordings, sensor readings, and other inputs to support advanced safety features)”.The good news is that data can be collected and stored on your vehicle’s local drives if opt out of sharing information with the company. The bad news is that data can still be accessed if law enforcement somehow gets a hold of your vehicle during a traffic stop or other circumstance, according to the Electronic Privacy Information Center’s Davisson.And it’s not just your car that’s collecting information. The Tesla mobile app, from which you can activate Sentry Mode or Summon, also collects location, contact, browsing and device information. Read on for how to dial back how much your car monitors you.Who is Tesla sharing your data with?If you opt to share your data with Tesla, all of the data it collects on you may be shared with third parties, including law enforcement. According to the company’s privacy policy, in addition to sharing data with law enforcement when the company receives a valid court order, Tesla will also share data when it is “essential to protect national security or public safety”. Davisson says that language is vague and opens the door for video footage to be shared with law enforcement for any number of reasons. Recently, for instance, the FBI has categorized vandalism of Tesla vehicles and showrooms as “domestic terrorism”.“Especially now, when everything is apparently a national emergency, it’s a very short hop from that to considering immigration enforcement to be a safety issue that requires constant sharing of real-time footage to Ice or other law enforcement officials,” said Davisson. “And it’s a scary situation.”So how do you protect your data?Consider other vehiclesEveryone has a different risk profile when it comes to their privacy. Some people may be more concerned than others about who is gaining access to their personal information. It’s not just your own privacy you need to be cognizant of, however, as Tesla’s exterior cameras can collect footage of people around the vehicle as well.If you are concerned about information gathering and don’t already have a Tesla, privacy experts say you should opt for a different car. If you do have one and want to reclaim your privacy, sell it. Even Tesla’s AI chatbot gave similar advice.“If someone is deeply concerned about their privacy, they might consider alternatives, such as: 1 Opting for a vehicle manufacturer with more restrictive data collection practices (though this might come at the cost of reduced convenience features); 2 Exploring aftermarket solutions or modifications that could potentially reduce data sharing (though this might void warranties or introduce compatibility issues).”skip past newsletter promotionafter newsletter promotionFactory-reset your car before selling itSo you’ve already bought a Tesla, and you’ve decided to sell it. Suleiman and the Mozilla Foundation highly recommend factory-resetting the car before you do. That means your car will be wiped of all of its data as if it was just coming off the lot.“Just because you sell your car off doesn’t mean that you’ve scrubbed the data,” Suleiman said. “It requires a little bit of due diligence.”So before you take the vehicle off your Tesla account, you will need to factory-reset your car from your in-car settings. Sit in the driver’s seat and follow these steps:1 Go to Controls > Service > Factory Reset.2 Enter your Tesla account username and password to verify your credentials.3 Confirm that you want to perform a factory reset.“This will erase all personal data, including saved addresses, music favorites and imported contacts, and restore your car’s settings to their factory defaults,” according to Tesla’s AI chatbot. The company also recommends deleting your “HomeLink” devices – which can allow you to control things like your garage door, lights or home security system from your Tesla. Do that by clicking on the “HomeLink” icon at the top of the “Controls” screen then going to HomeLink settings, where you can remove connections to other devices.How to share the least amount of your data with TeslaIn the settings of your vehicle and the Tesla app, you can opt not to share your data with the company. But as we’ve said before, be prepared to lose some functionality of your car.Opting out of data-sharing in your car is fairly straightforward. In your vehicle, go to Settings > Software > Data sharing. Turn off “allow data sharing”. This will disable the sharing of analytics, road segment, diagnostic and vehicle usage data. Tesla’s AI chatbot also recommended turning off “allow Autopilot analytics” to stop sharing Autopilot-related data.Opt out of mobile app location and data sharing. In the Tesla app, go to Settings (the button will either look like three horizontal lines or a gear icon). Then scroll down to Security and Privacy. Then select turn off Location Services. Click Turn off Analytics to stop sharing app usage data to the company. Then revoke access to your camera, microphone and contacts.“By following these steps, you’ll be sharing the least amount of data with Tesla while still enjoying the core features and functionalities of your vehicle and mobile app,” according to the Tesla AI chatbot.But this will affect the functionality of your car. According to Tesla’s chatbot, data sharing will affect these features:“Remote vehicle monitoring and control through the mobile app (eg, checking your vehicle’s status, location, and surroundings); navigation and routing optimization (although basic navigation will still work); geofencing and smart preconditioning (your vehicle won’t be able to anticipate your arrival or departure); some Autopilot features, such as traffic-aware cruise control and automatic emergency braking, may not function optimally; over-the-air software updates might be delayed or unavailable; certain advanced safety features, like Emergency Services, may not work seamlessly.”“I don’t think it should be a trade-off,” Davisson said. “It is true that some of the collision avoidance systems and autonomous features on Teslas like other vehicles do rely on data collection and cameras. But it should not come at the cost of the privacy, certainly of the driver or passengers of the vehicle or for people that happen to be in the area surrounding the vehicle.” More

    • 113 Shares169 Views

      in Elections

      Homeland Security Officials Push I.R.S. for 700,000 Immigrants’ Addresses

      by

      The tax collector has so far denied the request because of concerns it violates taxpayer privacy laws.The Department of Homeland Security has pushed the Internal Revenue Service to turn over the addresses of roughly 700,000 undocumented immigrants it is seeking to deport, according to three people familiar with the matter, in a request that could violate taxpayer privacy laws.I.R.S. officials have so far denied the department’s attempts to verify the addresses, the people said, because of the legal concerns. But the request is part of a broader effort by the Trump administration to enlist the tax collector in its plans for mass deportations.Many undocumented immigrants file tax returns with the I.R.S., giving the agency information about where they live, their families, their employers and their earnings. The I.R.S. gives immigrants without Social Security numbers a separate nine-digit code called an individual tax payer identification number to file their returns.Taxpayer information is typically kept closely held at the I.R.S., with improper disclosure barred under federal law. I.R.S. officials have told their Department of Homeland Security counterparts that they need to follow rules governing taxpayer privacy, the people familiar with the matter said.Representatives for the I.R.S. and the Department of Homeland Security did not immediately respond to a request for comment. The Washington Post reported earlier on the request.The request is a sign of the lengths Trump administration officials are trying to go to deport millions of immigrants in the United States illegally. Administration officials are preparing to create a registry listing migrants and are using military sites to help deport them.The Trump administration has repeatedly sought access to taxpayer information at the I.R.S. in ways that officials at the tax agency have worried could violate federal law. The agency recently signed an agreement allowing a member of Elon Musk’s Department of Government Efficiency to view anonymized taxpayer data as part of a push to modernize the agency’s software. The Musk team is leading an effort to shrink federal programs and the government’s work force.The Department of Homeland Security had previously tried to enlist I.R.S. agents in its broad immigration crackdown, asking for agents to audit companies that might be hiring unauthorized immigrants, according to a copy of a memo viewed by The New York Times. President Trump has also suggested that I.R.S. agents could be sent to the border with Mexico.The requests have added to the tumult at an agency that is already reeling. The I.R.S. has been hit with more than 7,000 layoffs under the Trump administration so far, and its acting commissioner, Doug O’Donnell, stepped down on Friday, the second resignation at the top in little more than a month.Mr. Trump and Mr. Musk have both suggested that the I.R.S. should be abolished. More

    • 138 Shares189 Views

      in Elections

      Top Social Security Official Leaves After Musk Team Seeks Data Access

      by

      The departure of the acting commissioner is the latest backlash to the Department of Government Efficiency’s efforts to access sensitive data.The top official at the Social Security Administration stepped down this weekend after members of Elon Musk’s so-called Department of Government Efficiency sought access to sensitive personal data about millions of Americans held by the agency, according to people familiar with the matter.The resignation of Michelle King, the acting commissioner, is the latest abrupt departure of a senior federal official who refused to provide Mr. Musk’s lieutenants with access to closely held data. Mr. Musk’s team has been embedding with agencies across the federal government and seeking access to private data as part of what it has said is an effort to root out fraud and waste.Social Security payments account for about $1.5 trillion, or a fifth, of annual federal spending in the United States. President Trump has pledged not to enact cuts to the program’s retirement benefits, but he has indicated that he is willing to look for ways to cut wasteful or improper spending from the retirement program that pays benefits to millions of Americans.An audit produced by the Social Security Administration’s inspector general last year found that from 2015 to 2022, the agency paid almost $8.6 trillion in benefits and made approximately $71.8 billion, or less than 1 percent, in improper payments that usually involved recipients getting too much money.Mr. Musk’s team at the Social Security Administration was seeking access to an internal data repository that contains extensive personal information about Americans, according two people familiar with the matter, who spoke on the condition of anonymity out of fear of retaliation. The agency’s systems contain financial data, employment information and addresses for anyone with a Social Security number.“S.S.A. has comprehensive medical records of people who have applied for disability benefits,” said Nancy Altman, president of Social Security Works, a group that promotes the expansion of Social Security. “It has our bank information, our earnings records, the names and ages of our children, and much more.”We are having trouble retrieving the article content.Please enable JavaScript in your browser settings.Thank you for your patience while we verify access. If you are in Reader mode please exit and log into your Times account, or subscribe for all of The Times.Thank you for your patience while we verify access.Already a subscriber? Log in.Want all of The Times? Subscribe. More

    • 113 Shares199 Views

      in Elections

      Forget the Instagram Hard Launch: Are You Location-Sharing Official?

      by

      It’s the final frontier in digital expressions of coupledom. But for some people, it’s always going to be creepy.Niara Sterling is a D.J. living in Brooklyn who frequently travels to different cities and countries to perform in front of thousands of guests at parties, concerts and other events.In her last relationship, she shared her phone location with her girlfriend, as well as with a few close friends and family members — and didn’t think twice about it. She and her ex, a fellow female D.J., both frequently worked at night, so knowing where they each were afforded some peace of mind in case of an emergency.“God forbid something happens, you can find my location,” said Ms. Sterling, 30. “I also think I didn’t mind it because we had an honest relationship. I didn’t have anything to hide; we lived together already anyway.”Since Apple’s location-sharing app Find My debuted more than a decade ago, it has become widely used as a way not only to keep tabs on your devices, children or luggage, but also to check in on your romantic partner. But the app, which can be used to prioritize your closest friends above other acquaintances, can also complicate dynamics within friend groups.So it’s no surprise that the use of Find My — and similar location-sharing apps — is popular among those in romantic relationships. In many ways, the Find My app has become a way to signal that your relationship is official, much as users would give a partner pride of place in their Myspace Top 8, change their status on Facebook to “In a Relationship” or hard launch on Instagram.But while there are those who see Find My as a helpful tool when coordinating plans or preparing for emergencies, others find it to be controlling and intrusive.We are having trouble retrieving the article content.Please enable JavaScript in your browser settings.Thank you for your patience while we verify access. If you are in Reader mode please exit and log into your Times account, or subscribe for all of The Times.Thank you for your patience while we verify access.Already a subscriber? Log in.Want all of The Times? Subscribe. More