You're protecting your data wrong – Introducing the Protected Query Pattern

https://kilpi.vercel.app/blog/2025-03-27-introducing-the-protected-query-pattern/

Encryption is a way to ensure that data sent from one device to another can’t be read if intercepted. But what if the data pertains to criminal activity? Ana-Maria Cretu from EPFL’s Security and Privacy Engineering Lab shares her expertise on safety versus privacy concerns.

#CyberSecurity #Encryption #DataPrivacy

Read more: https://go.epfl.ch/Jc4-en

It has been 7 (strikethrough) 0 days since the last time I had to add to my list of things currently occurring in the US federal government that would get me, a privacy practitioner, immediately fired if I did them:

New:
-Conducting confidential business via personal email.

Previously:
-Using non-approved apps to transmit sensitive information
-sending sensitive information without double-checking recipient list
-setting records to auto-delete in contravention of records retention policy
-Connecting an unknown external server to the network
-data access without background check
-ignoring least necessary access principles 
-admin access without any controls
-improper segmentation/separation of duties 
-coding directly on prod
-data to 3rd party tools without due diligence
-Delete security documentation because it contains “forbidden words” used in other contexts

#dataprivacy
#databreach
#facepalm
#security
#opsec

"With an expected downgrade to the status of electoral autocracy, the US will share its label with Turkey, Hungary, Iraq, India, and Russia. This makes Big Tech's data collection, storage, control over, or any use of that data an even more urgent issue around the world."

https://archive.ph/QJFOY

Twitter (X) Hit by 2.8 Billion Profile Data Leak in Alleged Insider Job

https://hackread.com/twitter-x-of-2-8-billion-data-leak-an-insider-job/

@leo Laporte, Alex Kantrowitz, Iain Thomson & @jacobward unpack the Signal breach, 23andMe's downfall & ChatGPT madness on TWiT 1025. #AIethics #DataPrivacy
Download and subscribe here: twit.tv/twit/1025

Gmail Improves Client-Side Encryption Option for Enterprises

#Google #Gmail #GoogleWorkspace #EmailEncryption #ClientSideEncryption #EnterpriseSecurity #DataPrivacy

https://winbuzzer.com/2025/04/01/gmail-adds-client-side-encryption-option-for-enterprises-xcxwbn/

Ever wondered how to compute a function across multiple parties without revealing their inputs?

This technique can be used to split secrets among parties, perform logical operations, or count votes in a way that ensures data privacy is preserved.

Read the #InfoQ article to learn more: https://bit.ly/4cx8sAV

This was really interesting and horrifying to read. It makes me want to buy a $20 burner smart phone for online shopping with a VPN.

But even scarier than the price gouging stuff, how do I know that Rite Aid didn’t sell information about me they obtained from facial recognition software when I went into their store/pharmacy to the government? They know I’m disabled because I’m on Medicare and I’m younger than 65. My disability doesn’t involve my ability to walk around a store, but if yours does will Rite Aid tell the government that they have video of you walking for 10 minutes just fine? Will that mess with your disability review? Maybe, who would even know?

Kroger’s Surveillance Pricing Harms Consumers and Raises Prices, With or Without Facial Recognition – EPIC – Electronic Privacy Information Center https://epic.org/krogers-surveillance-pricing-harms-consumers-and-raises-prices-with-or-without-facial-recognition/

Attackers say they breached the British postal service last month, scooping a whopping 144 gigabytes of data.

#UK #hackers #cyberattack #cybersecurity #datasecurity #dataprivacy

https://cnews.link/royal-mail-data-breach-hackers-claim-1/

ICYMI: Digital audience measurement: How gatekeepers weaponize opacity https://ppc.land/digital-audience-measurement-how-gatekeepers-weaponize-opacity/ #DigitalMarketing #AudienceMeasurement #DataPrivacy #SocialMedia #DigitalPlatforms

ICYMI: Digital audience measurement: How gatekeepers weaponize opacity: How digital platforms use self-preferencing tactics in audience measurement to maintain dominance. https://ppc.land/digital-audience-measurement-how-gatekeepers-weaponize-opacity/ #DigitalMarketing #AudienceMeasurement #DataPrivacy #SocialMedia #DigitalPlatforms

Trump Confident in TikTok Deal Before Deadline Amid National Security Concerns https://www.rainsmediaradio.com/2025/04/trump-confident-in-tiktok-deal-before.html?utm_source=dlvr.it&utm_medium=mastodon Follow, Like & Share #Trump #TikTok #USPolitics #NationalSecurity #DataPrivacy

7 Wege, Daten (besser) zu verschlüsseln https://www.csoonline.com/article/3856335/7-wege-daten-besser-zu-verschlusseln.html #DataPrivacy #Encryption

ICYMI: AppLovin faces data collection controversy amid market scrutiny: Investigation reveals mobile advertising giant's data practices raise platform policy concerns as share price experiences volatility. https://ppc.land/applovin-faces-data-collection-controversy-amid-market-scrutiny/ #AppLovin #DataPrivacy #MobileAdvertising #MarketScrutiny #DataCollection

Tesla alternatives, Utah's age check law, 23andMe's DNA drama & OpenAI's new AI data standard? @mikahsargent @emilyforlini & @geoffreyfowler unpack it all on Tech News Weekly 380. #TechNews #DataPrivacy Download and subscribe here: twit.tv/tnw/380

We've all heard about the power of AI, but what's the trade-off when it comes to our personal data?

In the latest episode of the @sharedsecurity #podcast I discuss recent changes in privacy policies by big tech companies like eBay and the conversation around AI's role in data usage.

Listen now and join the discussion on how we can balance convenience and privacy in an AI-driven world!

Watch on YouTube:
https://youtu.be/6wN1v4KnMW0

Listen and subscribe!
https://sharedsecurity.net/2025/03/31/understanding-privacy-changes-ebays-ai-policy-and-the-future-of-data-privacy/

https://sharedsecurity.net/subscribe

Oracle attempt to hide serious cybersecurity incident from customers

https://doublepulsar.com/oracle-attempt-to-hide-serious-cybersecurity-incident-from-customers-in-oracle-saas-service-9231c8daff4a

Good Monday morning! ️

Check out the #Cybersecurity & #DataPrivacy news items you may have missed over the weekend.

Read, Share, and Subscribe:
https://open.substack.com/pub/sherpaintelligence/p/whatd-i-miss-the-sherpa-intelligence-bd4?r=272cku&utm_campaign=post&utm_medium=web&showWelcomeOnShare=true