Washington Post: U.S. regulators have met to discuss imposing a record-setting fine against Facebook for some of its privacy violations. “U.S. regulators have met to discuss imposing a record-setting fine against Facebook for violating a legally binding agreement with the government to protect the privacy of its users’ personal data, according to three people familiar with the deliberations but not authorized to speak on the record.” I’m afraid that even a record-setting fine will be couch cushion money to Facebook, not an actual deterrent.
Wired: Facebook’s ’10 Year Challenge’ Is Just a Harmless Meme—Right?. “Imagine that you wanted to train a facial recognition algorithm on age-related characteristics and, more specifically, on age progression (e.g., how people are likely to look as they get older). Ideally, you’d want a broad and rigorous dataset with lots of people’s pictures. It would help if you knew they were taken a fixed number of years apart—say, 10 years.”
Gulf News Asia: Philippine passport maker ‘runs away’ with data of applicants. “If you’re a Filipino applying to renew your Philippine passport, authorities may require you to bring your original birth certificate. The reason: the previous outsourced ‘passport maker’ contracted by the Department of Foreign Affairs in Manila ‘took away’ all the applicants’ data, Foreign Affairs Secretary Teodoro Locsin Jr. said.”
ZDNet: CVs containing sensitive info of over 202 million Chinese users left exposed online. “A security researcher has stumbled over an unsecured MongoDB database server that contained highly detailed CVs for over 202 million Chinese users. Who owned the database is still a mystery, said Bob Diachenko, Director of Cyber Risk Research at Hacken Proof, the one who found the server’s data left exposed online.”
Ars Technica: Hot new trading site leaked oodles of user data, including login tokens. “The past few days have showered plenty of favorable attention on a new trading platform called DX.Exchange, with glowing profiles by Bloomberg News and CNBC. The only problem is that the site, which allows people to trade currencies and digitized versions of Apple, Tesla, and other stocks, has been leaking oodles of account login credentials and personal user information.”
The Register: FYI: Twitter’s API still spews enough metadata to reveal exactly where you lived, worked. “Researchers have demonstrated yet again that location metadata from Twitter posts can be used to infer private information like users’ home addresses, workplaces, and sensitive locations they’ve visited.”