A Review of the Best News of the Week on Identity Management & Web Fraud

What does your car know about you? We hacked a Chevy… (Washington Post, Dec 24 2019)
Our privacy experiment found hundreds of sensors and an always-on Internet connection. Driving surveillance is becoming very hard to avoid.

Ambiguity Around CCPA Will Lead to a Slow Start in 2020 (Dark Reading, Dec 20 2019)
But longer term, compliance to California’s new privacy law represents an opportunity for companies to increase customer trust and market share.

Google Cloud: Supporting our customers with the California Consumer Privacy Act (CCPA) (Google Cloud Blog, Dec 20 2019)
Businesses that collect California residents’ personal information and meet certain thresholds (for example, revenue) will need to comply with these obligations.

Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~12,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras

Share today’s post on Twitter Facebook LinkedIn

Massive Errors Found in Facial Recognition Tech: US Study (SecurityWeek, Dec 20 2019)
Facial recognition systems can produce wildly inaccurate results, especially for non-whites, according to a US government study released Thursday that is likely to raise fresh doubts on deployment of the artificial intelligence technology.

Even The Government Admits Facial Recognition Is Racially Biased (VICE, Dec 20 2019)
A new federal study confirms the widely-adopted tech is fundamentally biased. It’s time to ban it.

Data Leak Exposes 267 Million Facebook Users (Infosecurity Magazine, Dec 20 2019)
Suspected data scrapers left Elasticsearch cluster wide open

Court’s Opinion Good News for EU-US Data Flows (Infosecurity Magazine, Dec 20 2019)
Standard Contractual Clauses are legal, says advocate general

Man jailed for $122 million scam that fooled Google and Facebook (Naked Security – Sophos, Dec 23 2019)
Lithuanian Evaldas Rimasauskas has been sentenced to five years in jail for successfully defrauding two US companies out of $122 million.

Former NY Hospital Employee Admits to Stealing Colleagues’ Data (Dark Reading, Dec 23 2019)
Richard Liriano pleads guilty to compromising hospital computers and co-workers’ email accounts, as well as stealing personal files and photos.

Phishing operation picking on Canadian banks since at least 2017 (SC Magazine, Dec 23 2019)
Researchers recently discovered a large-scale phishing email operation that has been targeting primarily customers of Canadian banking chains since at least 2017. The emails generally attempt to trick recipients into revealing their credentials on a phishing page that utilizes a lookalike domain and impersonates a log-in screen.

PayPal scam goes after account info, payment card data (SC Magazine, Dec 23 2019)
PayPal customers are being hit with a phishing scam designed to steal their login credentials and other PII through a series of well-crafted emails and fraudulent websites. An incident begins with an email stating that there has been some unusual activity on the person’s PayPal account that requires immediate attention in order to properly secure…