Tech companies like Google, Facebook and Microsoft are ignoring data controls mandated under California law, researchers say. By: Colin Lecher A new audit has found that websites across the internet may be failing to abide by California privacy law, ignoring a requirement to not track visitors who set a privacy control. The report, from researchers...

FBI Milwaukee Public Affairs Officer Caroline Clancy (414) 489-3644 April 22, 2026 Dear Parents and Guardians, Over the course of the last few years, the FBI has observed a concerning increase in activity by online actors involved in predatory activity. These predators target children across the United States, including in Wisconsin. “764” is often used...

Chris Smith writes: Incognito Mode is an internet browsing mode that most web browsers support to allow the user to visit websites without leaving traces on the computer, like browsing history. It’s a useful tool for visiting specific websites on a shared computer, or for testing websites and services in a different browser. However, Incognito...

Ernesto Van der Sar writes: HBO has obtained a DMCA subpoena, ordering X Corp. to identify the person behind a Euphoria fan account that allegedly posted spoilers from unaired episodes of Season 3. The action comes just days before the show’s long-awaited premiere this weekend, but it remains unclear what the company plans to do...

Over on Codamail (fka Cotse.net), Steve Gielda has updated his research on VPN infrastructure and its implications for your privacy. From that article: The Question VPN providers market themselves as independent services in diverse jurisdictions. This investigation asks a structural question: does the global VPN industry’s physical infrastructure actually reflect that diversity, or does it...

Colin Woods reports: The Massachusetts Department of Public Health last month settled a class-action lawsuit by a handful of Android users who claimed that the state had worked with Google to automatically install a COVID-19 contact-tracing app on their phones, and the phones of more than one million others, tracking their locations and transmitting their...

Top Class Actions reports: Google agreed to a $135 million class action settlement to resolve claims that it used Android devices to transfer information to Google without user permission, consuming cellular data. The Google class action settlement benefits consumers who have used mobile devices running the Android operating system to access the internet through cellular...

Sergiu Gatlan reports: The U.S. Federal Bureau of Investigation (FBI) warned Americans against using foreign-developed mobile applications, particularly those created by Chinese developers. In a public service announcement (PSA) issued via its Internet Crime Complaint Center (IC3) platform this Tuesday, the FBI warned of privacy and data security risks associated with these apps. “As of...

Did you sign up for the new White House app? Don’t use it until you read this, because it puts your privacy and data security at risk. Patrick Quirk takes an impressive technical piece and distills it for those of us who are not developers or coders. His article is based on original research by...

March 19, 2026 Press Release WASHINGTON, D.C. — Today, Rep. Zoe Lofgren (CA-18) re-introduced the Online Privacy Act, legislation that sets a national baseline for how Americans’ personal data can be collected, used, and shared. Key provisions of the Online Privacy Act: Prohibits companies from using private communications like users’ emails or web traffic for ads or other...

Hunton writes: On March 3, 2026, the Virginia Attorney General appealed a U.S. District Court’s grant of a preliminary injunction barring the enforcement of a new Virginia law requiring age verification and a time limit on social media use by minors under the age of 16 pending a final determination on the merits. The Virginia Consumer Data Protection Act was...

Hunton Andrews Kurth writes: On March 3, 2026, the California Privacy Protection Agency (“CalPrivacy”) announced its first California Consumer Privacy Act (“CCPA”) enforcement action involving student privacy, requiring 2080 Media, Inc., d/b/a PlayOn Sports (“PlayOn”), to pay a $1.10 million fine for alleged violations of the CCPA in a stipulated order. PlayOn is a media and technology company...

Lena Cohen and Hudson Hongo write: We’ve all had the unsettling experience of seeing an ad online that reveals just how much advertisers know about our lives. You’re right to be disturbed. Those very same online ad systems have been used by the government to warrantlessly track peoples’ locations, new reporting has confirmed. For years,...

Bruce Schneier writes: Turns out that LLMs are good at de-anonymization: We show that LLM agents can figure out who you are from your anonymous online posts. Across Hacker News, Reddit, LinkedIn, and anonymized interview transcripts, our method identifies users with high precision ­ and scales to tens of thousands of candidates. While it has been known...

Ricardo Rubio reports: A heated debate is unfolding in Spain over the boundaries of what is acceptable on social media. A Madrid court has launched proceedings against Vito Quiles, who is accused of publishing personal information about the head of Red Eléctrica España. This case could reshape the approach to privacy protection for public figures...

ATLANTA – Jamarcus Mosley pled guilty this week to charges of computer fraud, extortion, and cyberstalking after tricking hundreds of young victims into giving him control to their social media accounts, accessing their private images and videos, and threatening to release those items if they did not comply with his demands, including sending him sexually...

Reuters reports: Instagram said it would notify parents if their teenager repeatedly searches for terms related to suicide or self-harm within a short period, as pressure grows for governments to follow Australia’s ban on the use of social media for under 16s. Britain said in January it was considering restrictions to protect children online, after Australia’s move...

Over on FourthAmendment.com, John Wesley Hall writes: S.D.N.Y.: No REP in what is shared with a cloud AI program There is no reasonable expectation of privacy in what is shared with a cloud AI program, even if it’s in anticipation of litigation. Therefore, no attorney-client privilege in what the client shares with AI trying to...

Connor Jones reports: The UK’s data protection regulator has fined social media giant Reddit £14.47 million ($19.5 million) over its use of children’s data. The Information Commissioner’s Office (ICO) says Reddit’s terms of service prohibited children under the age of 13 from using the platform, yet it claims the company did not introduce an age...

Suzanne Smalley reports: U.K. Prime Minister Keir Starmer said Thursday a new law will require tech companies to remove intimate images shared without consent within two days or face large fines and potentially have their services blocked. Victims should only need to report such images once, a press release from the Department for Science, Innovation and Technology...