Popular social media platforms and video streaming services pose serious risks to user privacy, with children and teenagers most at risk, the Federal Trade Commission found in a report published Thursday.

The report, which stretches more than 100 pages, details the data, advertising and recommendation-system efforts by these companies, and how they rely on information about users to sell ads. Users also “lacked any meaningful control over how personal information was used for AI-fueled systems” on the companies’ platforms, according to the report.

“While lucrative for the companies, these surveillance practices can endanger people’s privacy, threaten their freedoms, and expose them to a host of harms, from identify theft to stalking,” FTC Chair Lina Khan said in a press release...

LinkedIn users in the U.S. — but not the EU, EEA, or Switzerland, likely due to those regions’ data privacy rules — have an opt-out toggle in their settings screen disclosing that LinkedIn scrapes personal data to train “content creation AI models.” The toggle isn’t new. But, as first reported by 404 Media, LinkedIn initially didn’t refresh its privacy policy to reflect the data use.

The terms of service have now been updated, but ordinarily that occurs well before a big change like using user data for a new purpose like this. The idea is it gives users an option to make account changes or leave the platform if they don’t like the changes. Not this time, it seems.

To opt out of LinkedIn’s data scraping, head to the “Data Privacy” section of the LinkedIn settings menu on desktop, click “Data for Generative AI improvement,” then toggle off the “Use my data for training content creation AI models” option. You can also attempt to opt out more comprehensively via this form, but LinkedIn notes that any opt-out won’t affect training that’s already taken place.

The nonprofit Open Rights Group (ORG) has called on the Information Commissioner’s Office (ICO), the U.K.’s independent regulator for data protection rights, to investigate LinkedIn and other social networks that train on user data by default.

“LinkedIn is the latest social media company found to be processing our data without asking for consent,” Mariano delli Santi, ORG’s legal and policy officer, said in a statement. “The opt-out model proves once again to be wholly inadequate to protect our rights: the public cannot be expected to monitor and chase every single online company that decides to use our data to train AI. Opt-in consent isn’t only legally mandated, but a common-sense requirement.”

Leak on latest #ChatControl attempt (in German): https://netzpolitik.org/2024/interne-dokumente-sperrminoritaet-gegen-chatkontrolle-wackelt/ +++ Only AUT, DEU, EST, LUX, POL, SVN were critical – no blocking minority! +++ BEL, CZE, FIN, ITA, NLD, PRT, SWE undecided +++ EU legal experts confirm violation of our fundamental rights +++ Only 5 days to next discussion +++

Help pressure our governments into defending our #privacy of correspondence and secure #encryption now: https://www.patrick-breyer.de/en/take-action-to-stop-chat-control-now/

Not just locally on the device! There must be an error when calling or texting the number.

Data must work for internet for Signal, VoIP, etc.

This is for a UK PAYG SIM.

There should be no way for anyone to demand my number, or for me to leak it, or doing so should be irrelevant as it does not work.

Edit: word, polic->police

Even more of a police state.^[[1] https://youtu.be/8c_UdWo4Zek | https://lemmy.world/post/19890492]

On Thursday, Oracle co-founder Larry Ellison shared his vision for an AI-powered surveillance future during a company financial meeting, reports Business Insider. During an investor Q&A, Ellison described a world where artificial intelligence systems would constantly monitor citizens through an extensive network of cameras and drones, stating this would ensure both police and citizens don't break the law.

This should be far more secure and privacy friendly than a Sim card of a cellular connection. Why isn't this done more often? What are the Pros and Cons. I bet the price is similar as well.

I'm wondering which is more free (as in freedom) so I can make the right choice. I've also heard people say the regular PinePhone is better than the Pro version. I am planning on using it as a daily driver. I understand it's not perfect yet, but I'm dedicated to make it work, I don't do much with my phone. I also just want to help support Linux-based phones and would like to see it become more popular in the future! I'm planning on dropping my Google Pixel w/ GrapheneOS for this.

Need at least the camera, if not that plus a microphone and speakers, not the lock or bell.

Libre Software (Obviously) + End-to-End Encryption

Small and easy to hide, so the camera isn't stolen, attacked or bypassed.

Best answer yet

Hi :) How concernt are you about leaking your personal information by using a custom-domain for emails? Because anyone could see, who registered the domain, correct?

cross-posted from: https://lemmy.ml/post/20406932

I've been trying to delete as many online accounts as possible to reduce the threat of my personal information / duplicate passwords / my cell number getting out there. I know, it's probably not worth the effort but it does at least clean up my password manager and MFA app.

I've tried had trouble getting my personal information scrubbed and my account deleted at Robinhood and LendingTree. Both have policies that claim they're unable to delete user accounts due to federal regulations.

Here's the bit from Lending Tree: https://www.lendingclub.com/legal/privacy-policy

Data Retention: Due to the regulated nature of our industry, we are under legal requirements to retain data and are generally not able to delete consumer transactional data, credit or deposit account application data, or other financial information upon request. Certain regulations issued by state and/or federal government agencies may require us to maintain and report demographic information on the collective activities of our membership. We may also be required to maintain information about you for at least seven years to comply with applicable federal and state laws regarding recordkeeping, reporting, and audits. Criteria used to determine the period of time information about you is retained are primarily related to legal requirements and usefulness of the information for the purposes it was collected.

In both of these cases, I haven't used the account in many years (RH: 2020, LT: 2018). It serves no purpose to maintain this account other than to exist as data for some malicious actor to acquire and act upon.

With data leaks happening practically every day, I'm really not comfortable with financial agencies with varying degrees of security keeping my information forever. I would think it would be in their own best interest to comply with a deletion request to prevent anyone from scamming them.

Also, I can't tell you how many websites I've lost access to because my phone number was tied to log in. I previously had a company-issued cell phone and not longer have access to that. Any website that requires a phone number for MFA is just horrible. I'm trying to sign into another financial site now and apparently I'm not able to do so without a phone number I had eight years ago.

Wondering if anyone is familiar with this federal regulation that requires they hold on to this information and if there's some sort of way around this either with a lawyer or federal form or something.

I may go for short term work in either South Korea or Saudi for a few months. Does anybody have any idea, how safe it is to use a VPN as a foreigner in these countries? Worse case scenario, can I use a VPN in a Azure VM and scp torrent downloaded files or something?

When it comes to Intel Management Engine, I actually think it's not a threat if you neutralize it. I mean to just set the HAP bit on it. Because if that isn't enough then that means all computers in the world which use Intel CPU can be accessed by NSA but if NSA had this much power then it seems obvious that they aren't using it and why wouldn't they use it?

There's a github project to neutralize/disbale Intel ME: https://github.com/corna/me_cleaner Disable is overwriting intel ME as much as possible with zeros, leaving only a little remaining to be able to boot the computer. The newer the intel chips are, the less likely it is to be able to disable it. But all chip sets can be neutralized which means to set the HAP bit which is an official feature. In theory we can't actually trust the HAP bit to really disable intel ME permanently. It's more like asking Intel to do what they have promised because it's proprietary. But I think it really does permanently disable it because otherwise NSA would be abusing this power.

That's why I think the newer laptop models are better because it's probably not necessary to disable, it's enough to just neutralize withthe HAP bit. And with a newer modern laptop they can have open source Embedded Controller firmware which is better than proprietary Embedded Controller firmware.

I'm interested to hear what you think as well.

Hi guys wanted to know how can i use mull browser in higher refresh rate than 60hz? I know it will make me standout and more prone to fingerprinting and it's fine for my use case

This is straightforward with browser addons like uBlock Origin where you can add and choose blocklists, but I did searches for doing so system wide and using a VPN but didn't find clear answers. I could use a DNS service that provides blocklists but isn't it best practice to leave DNS to the VPN provider? I looked up blocklists and VPNs but didn't find relevant results.

On Android, I didn't find any apps that let you filter blocklists and using your own VPN other than Rethink, but the blocklists feature requires using Rethink's DNS.

So what's the best way to filter ads and trackers on both 3rd party apps and on OS's like Android (specific Samsung phones) while still using a VPN?

Hi everyone! For... I guess over a year now? I've been observing and trying out lots of software recommended by the privacy community and internet as a whole. With that time, I've been able to slowly put together a list of all the software I personally believe to be the best for their own various reasons. I finally have enough to be able to share it with all of you!

I'm also looking for feedback. I haven't tried all the software on that list, and I'm sure there's software I've never heard of that needs added. I'm looking for your feedback on what you think should be added, removed, or changed. That includes the list itself, if you think there are any design improvements.

Do note: Any software marked with a ⭐️ I am not looking for feedback on. This is software that I firmly believe is the best of the best in its category, and likely will not be changed. However, if there is a major issue with the software that you can provide direct proof of, then there is a chance it will be changed in the next release. There are no grantees.

The sections marked with ℹ️ are lacking, and can use your help! Some software there may not be the best one, or may have many software or sections missing. I am absolutely looking for help and feedback here, and would love your help!

My goal with this project is to help people find the best software from many standpoints, and to prove that there really are good open source alternatives for almost anything! I hope this helps someone, and I look forward to your feedback!

Thank you all for reading and taking the time to look through my list!

Update I have come to a decision. Thank you to all who contributed suggestions. Please feel free to keep the discussion going to help others.

Nextcloud now supports federation including activity pub!

It's me again with another question for recommendation 🙈 This time I am searching for a new Email-Provider:

Currently I am using mailbox.org (privacy-friendly provider based in Germany). Since my subscription is comming to an end there, I tought about switching to proton mail-plus. What I like about them is, that they have an easy way of creating alias-emails and also support the option to use your own domain.

But maybe you gals and guys have another great provider which offers good features for a good price.

Also: I dont need Cloud-Storage or anything like that, so just mail is fine.

Thx in regards :)

Replacing a dishwasher. Most of the mid-range options now come with fucking Wi-Fi. Found a model I liked, no info in manual and support from Samsung was of course, useless since it wasn't already in the manual and wanted to keep talking about their exciting "smart things" app. gag.

I saw a youtube video of a guy disconnecting wifi cable on a fridge. I'm fine doing that if I have to open up the board but it'll probably be smaller than the fridge and who knows if it'll be helpfully labled like the one in the video was. Internet searching showed me there may be oven keypress combinations to turn wi-fi radio on/off. Anyone have anything similar/advice for Samsung appliances, specifically dishwashers?