Your connected car knows you

Where you go. What you pass. Where you stop. What you listen to. What you watch. Your good habits. Your bad habits.

Companies in Europe and beyond are vying for control of the crown jewels of the connected car era: your vehicle’s data.

The contest is entering a pivotal phase as EU regulators look to hammer out the world’s first laws for the ballooning industry around web-enabled vehicles, pitting carmakers against a coalition of insurers, leasing companies and repair shops.

European Commission sources said the EU executive should launch an industry consultation on in-vehicle data this week which could lead to legislation later this year – the first of its kind globally.

Many companies view data as the gold of the new wired world, though for some it’s more akin to air or water.

“If you don’t have access to data in the future, eventually you’ll be squeezed out,” says Tim Albertsen, CEO of ALD , Societe Generale’s (SOGN.PA) car leasing division, which

— source | Nick Carey | Mar 16, 2022

Nullius in verba

Use of Google Analytics and data transfers to the United States

Google Analytics provides statistics on website traffic. After receiving complaints from the NOYB association, the CNIL, in cooperation with its European counterparts, analysed the conditions under which the data collected through this service is transferred to the United States. []–The CNIL considers that these transfers are illegal and orders a French website manager to comply with the GDPR and, if necessary, to stop using this service under the current conditions.

Google Analytics is a service that can be integrated by websites such as online sale sites in order to measure the number of visits by Internet users. In this context, a unique identifier is assigned to each visitor. This identifier (which constitutes personal data) and the associated data are transferred by Google to the United States.

The CNIL received several complaints from the NOYB association concerning the transfer to the United States of data collected during visits to websites using Google Analytics. In total, 101 complaints were filed by NOYB in the 27 EU Member States and the three other European Economic Area (EEA) states against 101 data controllers allegedly

— source | 10 Feb 2022

Nullius in verba

Google trackers are in 97% of Indian websites

Google trackers are in 97% of Indian websites, study finds. The number of android apps asking for camera and microphone permissions on smartphones has increased from 45% to 68% and 28% to 54%, respectively, in the last five years, according to a study by data security and privacy firm Arrka titled ‘State of data privacy of Indian mobile apps and websites’. The study involved 201 Indian mobile apps and websites from 100 organisations across 25 industries. Arrka tracked various privacy parameters over five years. Here are some of its findings. Google is the single largest third party with whom data is being shared, followed by Facebook. Google’s trackers were present in 97% of the websites and Facebook’s in 55%. Around 42% android apps share data with Google, and 25% with Facebook. A possible reason for this could be that organisations are providing newer services/features based on these permissions.

— source | Jan 31, 2022

Nullius in verba

India Bought Pegasus as Part of Larger $2 Billion Deal with Israel in 2017

India bought controversial spyware tool Pegasus in 2017 as part of a larger arms deal with Israel, according to a new report published by The New York Times.

Access to the spyware, which is classified as military-grade software and produced by the NSO Group, was reportedly part of a “package of sophisticated weapons and intelligence gear worth roughly $2 billion” between India and Israel.

NYT’s report, which examines how Israel reaped diplomatic gains around the world from NSO’s Pegasus spyware, details how the US’s Federal Bureau of Investigation bought a version of Pegasus. It also sheds new light on how the software ended up being sold to Poland, India and Hungary.

— source | 28/Jan/2022

Nullius in verba

Hungarian journalists targeted with Pegasus spyware to sue state

Hungarian journalists targeted with Pegasus spyware plan to take legal action against the Hungarian state and the Israeli company NSO, which manufactures the tool. The Pegasus Project, a consortium of news outlets including the Guardian, revealed last summer that forensic analysis of mobile devices showed that a number of journalists in the country had been targeted with Pegasus. in November a senior government official acknowledged for the first time that Hungary had indeed acquired Pegasus. Now the Hungarian Civil Liberties Union (HCLU) has announced it will launch legal action on behalf of six clients

— source | 28 Jan 2022

Nullius in verba

Classified ‘Pegasus Deal’ Behind Modi-Netanyahu Bonhomie

A massive package of Israeli sophisticated weapons and intelligence gear, including the NSO Group’s dreaded spyware Pegasus, worth around $2 billion (nearly Rs 12,880 crore) was the reason for the bonhomie between Prime Minister Narendra Modi and his then-Israeli counterpart Benjamin Netanyahu on Olga beach in July 2017.

The Modi government has denied purchasing the malicious software since it was first used to hack phones of journalists, lawyers and activists in October 2019. However, a January 28 New York Times (NYT) investigation has revealed that India purchased the spyware in 2017 itself as part of the package.

The NYT report, titled ‘The Battle for the World’s Most Powerful Cyberweapon’, states that Pegasus and the missile system were “the centrepieces” of the deal. Bibi visited India later that year, and in June 2019—as if to return the favour to the Israeli leader—India voted in support of Israel at the UN’s Economic and Social Council to deny observer status to Palestinian human rights organisation Shahed.

Mentioning how Modi junked India’s decades-old policy of supporting the Palestinians to revive the frosty ties with Israel, the NYT reports: “In July 2017, Narendra Modi, who won

— source | 29 Jan 2022

Nullius in verba

Salvadoran journalists’ phones hacked with spyware

The cell phones of nearly three dozen journalists and activists in El Salvador, several of whom were investigating alleged state corruption, have been hacked since mid-2020 and implanted with sophisticated spyware typically available only to governments and law enforcement, a Canadian research institute said it has found. The alleged hacks, which came amid an increasingly hostile environment in El Salvador for media and rights organizations under populist President Nayib Bukele, were discovered late last year by The Citizen Lab, which studies spyware at the University of Toronto’s Munk School of Global Affairs. Citizen Lab said it found evidence of incursions on the phones that occurred between July 2020 and November 2021. It said it could not identify who was responsible for deploying the Israeli-designed spyware. Known as Pegasus, the software has been purchased by state actors worldwide, some of whom have used the tool to surveil journalists.

— source | Jan 13, 2022

Nullius in verba

Google Analytics declared illegal in the EU.

When the Privacy Shield legislation was invalidated in 2020, this had far-reaching consequences for US online services operating in Europe: They were no longer allowed to transfer data of European citizens to the US as this would make data of European citizens vulnerable to American mass surveillance – a clear violation of the European GDPR. However, the Silicon Valley tech industry largely ignored the ruling. Now, the Austrian Data Protection Authority strikes the same chord as the European court when declaring Privacy Shield as invalid: It has decided that the use of Google Analytics violates the General Data Protection Regulation (GDPR). Google is “subject to surveillance by US intelligence services and can be ordered to disclose data of European citizens to them”. Therefore, the data of European citizens may not be transferred across the Atlantic.

— source | 2022-01-19

Nullius in verba

Pegasus Was Used to Hack Phone of Polish Opposition Leader

During the 2019 Polish parliamentary election, doctored text messages of the opposition coalition’s campaign leader Krzysztof Brejza were flashed on the country’s state-controlled television and media. The ruling Law and Justice party narrowly won the election.

Three years later, Brejza, a member of the Polish lower house of parliament, has claimed that his phone was hacked as many as 33 times by Pegasus, the flagship spyware of Israeli firm NSO, Associated Press reported on Friday.

This is the third disclosure in a week that opposition figures and an outspoken prosecutor in Poland had their phones hacked through Pegasus, which NSO claims is only sold to governments.

In a statement to AP, Polish state security services spokesman Stanislaw Zaryn said that the Polish government does not wiretap illegally and obtains court orders in “justified

— source | 26/Dec/2021

Nullius in verba