Category / Privacy
Privacy briefings on data misuse, tracking changes, surveillance harms, regulator action, and data rights enforcement.
If you’re a user—owner?—of this cryptocurrency, this is important: On May 29, the security researcher Taylor Hornby found a critical vulnerability in Zcash Orchard privacy pool using Claude Opus 4.8. The Zcash team hired Hornby specifica…
DINUM, the digital affairs directorate of the French government, warned that hackers used a hijacked user account to breach Tchap, the French government's encrypted messaging platform.
New security development detected from CISA Cybersecurity Advisories. CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
A virtual private network service called 'First VPN,' used in ransomware and data theft attacks, has been taken offline in a joint international law enforcement operation.
New governance development detected from EDPB News. Brussels, 5 May – On 9 May each year, Europeans celebrate the anniversary of the Schuman Declaration, the key moment which led to the creation of the EU as we know it today.
New governance development detected from EDPB News. Brussels, 23 April – The EDPB is organising a remote stakeholder event in the context of its joint work with the European Commission on upcoming guidelines on the interplay between comp…
New security development detected from CISA Cybersecurity Advisories. CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
New governance development detected from EDPB News. Brussels, 23 April – The EDPB is organising a remote stakeholder event in the context of its joint work with the European Commission on upcoming guidelines on the interplay between comp…
New security development detected from CISA Cybersecurity Advisories. CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
New security development detected from CISA Cybersecurity Advisories. On March 31, 2026, two npm packages for versions axios@1.14.1 and axios@0.30.4 of Axios npm injected the malicious dependency plain-crypto-js@4.2.1 that downloads mult…
NAKIVO Inc. announced the general availability of NAKIVO Backup & Replication v11.2, focused on fast, reliable, and proactive data protection. The new release adds automated replication, support for newer VMware vSphere and Proxmox versi…
New security development detected from CISA Cybersecurity Advisories. CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
New security development detected from CISA Cybersecurity Advisories. CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
New governance development detected from EDPB News. Brussels, 14 April - In line with the EDPB’s Helsinki Statement to make GDPR compliance easier and strengthen consistency across Europe, the EDPB has adopted a template for Data Protect…
Dutch fitness giant Basic-Fit announced that hackers breached its systems and gained access to information belonging to a million of its customers.
New governance development detected from EDPB News. Brussels, 09 April - The European Data Protection Board (EDPB) has published its 2025 Annual Report.
Cyber-attacks can severely impact personal lives and put patients at risk of harm. That’s why cybersecurity is vital for healthcare organizations to protect patient wellbeing and privacy at all times. Cybersecurity has become increasingl…
Sen. Ron Wyden is warning us of an abuse of Section 702: Wyden took to the Senate floor to deliver a lengthy speech, ostensibly about the since approved (with support of many Democrats) nomination of Joshua Rudd to lead the NSA. Wyden wa…
New governance development detected from EDPB News. Brussels, 19 March - The EDPB has launched its Coordinated Enforcement Framework (CEF) action for 2026*.
New governance development detected from EDPB News. Brussels, 19 March 2026 – The European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) have adopted a Joint Opinion on the European Commission’s proposal…
Privacy-focused email provider Proton Mail provided Swiss authorities with payment data that the FBI used to identify an anonymous account affiliated with the Stop Cop City movement in Atlanta, court records show.
Meta says it will discontinue end-to-end encrypted chat support on Instagram after May 8, 2026, underscoring how optional privacy protections on large platforms can remain contingent on product priorities rather than durable rights.
The EDPB and EDPS say the proposed European Biotech Act can help reduce fragmentation in clinical-trials rules, but warn that simplification cannot come at the expense of clear safeguards for sensitive health data.
The EDPB has signed a joint Global Privacy Assembly statement warning that AI-generated imagery and video can create serious privacy, dignity, and safety harms when real people are depicted without consent.
EU privacy regulators say the Digital Omnibus proposal can simplify compliance, but warn that narrowing the definition of personal data would weaken data protection.
A coordinated European enforcement action found recurring problems with how organisations handle GDPR erasure requests, including weak procedures, inconsistent deletion practices, and difficulties around backups and anonymisation.
The EDPB says its 2026–2027 work programme will focus on making GDPR compliance easier through ready-to-use templates, including materials for legitimate interest assessments, privacy notices, data breach notifications, and DPIAs.
The FTC says it will not take COPPA enforcement action against certain operators using age-verification tools solely to determine age, provided they meet strict limits on use, retention, disclosure, notice, security, and accuracy.
The EDPB’s blockchain guidance focuses on privacy by design, DPIAs, data minimisation, and the risks of storing personal data in immutable systems.
An EDPB update on cross-border data requests and AI training signals a more operational European privacy-governance agenda for organisations handling sensitive data.
A 2025 EDPB-backed report on LLM privacy risks focuses on concrete mitigations and real-world deployment scenarios rather than abstract AI principles.
The UK ICO says Reddit processed children’s data unlawfully, failed to implement robust age assurance, and did not complete a relevant DPIA before January 2025.
The UK ICO’s investigations into TikTok, Reddit, and Imgur signaled a broader regulatory focus on recommender systems, age assurance, and how platforms structurally handle children’s data.
The UK ICO fined MediaLab over Imgur’s handling of children’s data, citing absent age checks, unlawful processing of under-13 data, and failure to carry out a DPIA.
Weak privacy controls can make AI systems harder to deploy, govern, and defend over time, turning privacy into an operational AI risk question.