Security news aggregator

Latest coverage for Privacy

Privacy concerns how laws and norms govern personal data, shaping cybersecurity duties for collection, storage, access, and disclosure.

4 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Privacy is the ability of people to control how information about them is collected, used, retained, and disclosed. In technical and legal contexts, it covers identifiable data and data that can support inferences about a person, not only information made public. Privacy rules and organizational policies commonly address purpose, transparency, access, correction, retention, and sharing.

For security practitioners, privacy depends on reducing unnecessary data and restricting legitimate access: data minimization, encryption, least-privilege controls, segregation of identifiers, retention limits, and audit logs all reduce exposure. Compromised credentials, misconfigured storage, excessive telemetry, or third-party access can reveal sensitive information; pseudonymized datasets may also be re-identified when combined with other data. During an incident, teams must establish what personal data was accessed or disclosed, contain further exposure, preserve evidence, and meet applicable notification and handling requirements.

Showing 4 most recent headlines Filtered view

Privacy Advocates Warn of Risks from Expanding DHS Use of AI and Facial RecognitionThe U.S. Department of Homeland Security is reportedly expanding its use of emerging surveillance tools, including drones and artificial intelligence, without proper safeguards as experts warn of potential privacy violations and risks involving facial recognition and third-party data usage.

Bank Info Security 1 year, 7 months ago

GoodRx Agrees to Pay $25M to Settle Web Tracker Lawsuit

Telehealth Firm Previously Paid $1.5M Fine to FTC for Similar Privacy IssuesGoodRx has reached a $25 million preliminary settlement of proposed class action litigation alleging the telehealth company violated privacy and an assortment other laws and statues when it previously collected and shared consumers' information with third-parties through online tracking tools.