Send us a text

ProPublica's investigation reveals the National Shooting Sports Foundation has been secretly sharing gun buyers' personal information, including underwear sizes, for political purposes. This privacy breach raises serious concerns about data exploitation even in industries that publicly position themselves as defenders of individual rights.

• Gun owners group demands federal investigation into firearms industry data sharing
• Personal data shared included underwear sizes and was allegedly used for political targeting
• NSSF collaborated with Cambridge Analytica to enhance voter data
• Privacy concerns should transcend political divides - "Privacy is an everybody problem"
• The gun industry publicly defends rights while quietly engaging in data exploitation
• Senator Richard Blumenthal supports investigation into these practices

If you're a privacy professional or legal expert with insights on this issue, we'd love to have you on the show to discuss this further and answer some of the questions we've raised today.

Support the show

Send us a text

Privacy Please News, for hitting big topics quickly with a hint of sarcasm to bring some joy and knowledge. 

This week, we hit on the latest privacy events in tech with a satirical perspective on how your data is being shared, sold, and exploited. From Google's dramatic stance on sharing search data to state-sponsored hackers dominating zero-day exploits, this episode highlights the absurdity of our current digital privacy landscape.

• Google CEO Sundar Pichai compares sharing search data to "ripping out the company's brain"
• WhatsApp's new AI feature sends "private" messages to cloud servers despite Meta's safety claims
• Gun rights group outraged after gun industry shared customer data, including underwear sizes, for political campaigns
• OpenAI's Sam Altman promotes eyeball scanning for WorldC, dismissing privacy concerns as regulatory lag
• State-sponsored hackers from China and North Korea are leading the zero-day vulnerability exploitation game

Support the show

Send us a text

Cameron and Gabe return after a brief hiatus to explore major developments in security, privacy, and resilience. They dive into insights from the IAPP conference and VeeamOn, examining how AI governance and outdated privacy tools are reshaping the industry landscape.

• AI governance frameworks dominated IAPP discussions with companies "building the plane as they're flying"
• Verizon's Data Breach Report debunks overblown AI security fears, showing real risks are data leakage and poor access controls
• Growing frustration with outdated privacy management tools is driving demand for better solutions
• Security posture isn't about using recognized brands but about architecture without dangerous gaps
• Sam Altman's virtual appearance at IAPP disappointed attendees expecting an in-person keynote

Stay tuned for our bonus episode covering even more developments from this busy week in privacy and security!

Support the show

Send us a text

Privacy threats continue to escalate as human error undermines even the most secure systems, from military officials accidentally exposing classified information to Russian hackers targeting encrypted messaging apps.

• Signal security breach occurred when defense officials accidentally added a reporter to their encrypted group chat discussing sensitive military operations
• Russian-linked attackers targeting Signal users through QR code vulnerabilities, tricking users into linking their secure accounts to attacker-controlled instances
• QR codes present broader security concerns as users can't verify where they lead before scanning them
• Attackers can place malicious QR codes over legitimate ones in public spaces like restaurants and airports
• 23andMe's bankruptcy raises critical questions about the fate of genetic data from 15 million users
• When companies holding sensitive personal information go bankrupt, data ownership and protection becomes uncertain
• Human error remains the primary vulnerability in most privacy and security systems
• Always consider the long-term implications when sharing personal information with any service

Remember to think beyond the present when sharing your data – consider what might happen to that information in 10, 20, or even 30 years from now.

Support the show

Send us a text

Privacy threats are intensifying across multiple fronts, from genetic data vulnerabilities at 23andMe to corporate violations and messaging app security concerns. Cameron Ivey breaks down three urgent privacy issues and provides practical guidance on protecting your digital footprint in an increasingly vulnerable online landscape.

• 23andMe users should consider deleting their genetic data immediately due to bankruptcy proceedings that could compromise privacy protections
• Law professor Craig Conneth warns that terms of service could change during bankruptcy, with inadequate federal regulations to protect consumers
• Honda fined $632,500 by California Privacy Protection Agency for creating unnecessarily complicated opt-out processes
• Companies must reform data request procedures and stop creating "mazes of chaos" that trick consumers
• Signal messaging app, despite its encryption features, has raised NSA security concerns after being used by senior US officials
• No messaging platform is completely secure for highly sensitive information
• Stay informed about your rights under privacy legislation like the CCPA
• Be mindful about what personal information you share digitally, even on supposedly secure platforms

If you have expertise in these privacy issues and would like to join a deeper discussion on the show, contact Cameron for a potential guest appearance.

Support the show

Send us a text

We explore how uncertainty and chaos create both vulnerabilities and opportunities in privacy and security. Amid global turmoil, cybersecurity professionals must adopt a bias toward action to counter increased threats that thrive in chaotic environments.

• Chaos serves as a smoke screen for malicious actors, just as DOS attacks once distracted from network intrusions
• Recent Ghost ransomware attack affected 70 countries but received less attention due to global uncertainty
• Security resource contraction combined with increased noise creates fertile ground for more breaches
• AI may cause job losses primarily in roles created to support the initial AI boom
• States are tightening data breach reporting requirements with class action lawsuits doubling or tripling since 2022
• Some states introducing "safe harbor" laws to shield businesses that implement strict cybersecurity standards
• Elon's Department of Government Efficiency (DOGE) faces 11 lawsuits for allegedly violating Privacy Act of 1974

Support the show

Send us a text

Today's episode dives into the intersection of AI behavior and digital security concerns. We discuss a startling incident involving a malfunctioning AI robot and explore a new ransomware threat known as Ghost. 

• Overview of an AI robot incident that raised ethical concerns 
• Examination of Asimov's Laws of Robotics and their relevance 
• Introduction to Ghost ransomware and its impact on multiple industries 
• Discussion on backup security strategies and resilience against ransomware 
• Insights into the evolving tactics of ransomware attacks, including Ghost's methods 
• Encouragement for businesses to prioritize future-proofing their data security 

We encourage listeners to reach out with questions or further discussion on data backups and data security measures.

Support the show

Send us a text

The emergence of quantum computing presents a unique set of challenges and opportunities for data security and privacy. As Microsoft reveals its new quantum chip, the industry must prepare for the significant threats that stable quantum computing poses to existing encryption methods. 

• Microsoft announces a new quantum processing chip 
• Potential risks to encryption and data security 
• Industry skepticism toward claims of rapid advancements 
• Understanding the mechanics of quantum computing 
• Implications of quantum technology for various sectors 
• The need for proactive planning and strategy for security professionals

Support the show

Send us a text

The episode delves into the ongoing lawsuits challenging the sharing of personal data by federal agencies with Doge, the Department of Government Efficiency. The hosts discuss the implications of these lawsuits, particularly regarding the lack of clarity surrounding Doge's operations and the dismantling of the CFPB, raising concerns about privacy and data protection.

• Overview of Doge data lawsuits and their significance  
• Concerns about data sharing by federal agencies 
• The troubling lack of transparency surrounding Doge 
• The impact of CFPB restructuring on privacy oversight 
• Risks of diminished regulatory powers over personal data 
• Importance of citizen engagement in privacy advocacy 
• Calls for transparency and accountability in data handling 
• The evolving narrative of privacy in the digital age 
• Encouragement for listeners to stay informed and proactive

Support the show

Send us a text

The episode examines the implications of a recent hacking incident involving the Chinese AI company DeepSeek, which claims to outperform competitors on cost and performance. We discuss the risks associated with AI tools, the necessity for better governance, and the broader impacts of AI on cybersecurity and data privacy. 

• DeepSeek's emergence as a significant player in AI
• Performance claims that challenge established tech firms
• Consequences of the recent hack on industry perceptions
• The dangers of unregulated AI usage in corporations
• Governance challenges surrounding AI adoption
• Personal experiences using AI-driven coding tools
• Future predictions on AI's role in security and privacy

Support the show