[News] TikTok settles massive privacy lawsuit
In what may be a historic payout, TikTok has agreed to settle a $92 million dollar class-action lawsuit that argued the company illegally collected data on its users without consent. The suit alleges that TikTok violated the Computer Fraud and Abuse Act and Video Privacy and Protection Act as well as privacy laws in California.
According to Gizmodo, TikTok used facial recognition to collect age, gender, and ethnicity data from its users and then sold that information to third parties. NPR reports that the proposed settlement (which you can read here) represents applies to 89 million TikTok users in the U.S. whose personal data was allegedly tracked and sold to advertisers in violation of state and federal law.
Katrina Carroll, one of the lawyers suing TikTok on behalf of its users, said that this settlement “provides compensation for TikTok users, but equally as important, it ensures TikTok will respect its users’ privacy going forward.”
Although the company has agreed to settle the lawsuit, TikTok denied the accuracy of the allegations. In a statement to the Verge, a spokesperson for the company wrote, “while we disagree with the assertions, rather than go through lengthy litigation, we’d like to focus our efforts on building a safe and joyful experience for the TikTok community.”
In other news
- iMacs on Mars? In truly blow-your-mind news, New Scientist broke the news that the Mars rover Perseverance is running a PowerPC 750 processor, the same processor that you might once have found in Apple’s original 1998 iMac G3. Mind you, it’s not exactly the same — the processor on Perseverance has upgrades that allow it to withstand the extreme radiation and temperatures of the Mars surface. Why would NASA use such an old piece of tech? According to NASA, scientists hail the PowerPC 750 for its “ruggedness and reliability.” Gizmodo reports that the same processor already powers a hundred satellites orbiting Earth, and apparently, none of them have failed. Not a bad track record for technology that’s as old as Britney Spears’s debut single.
- LastPass security concerns. A German security researcher discovered seven different trackers in the LastPass Android app. While The Register reports that LastPass claims that “no sensitive personally identifiable user data or vault activity could be passed through these trackers,” and users have “the option to opt-out of these analytics in their LastPass Privacy Settings,” some security analysts suggest you might want to think twice about using this software.
As Mike Kuketz, who uncovered this issue, said on his blog, “it is completely out of the question to integrate [trackers] into password manager apps.” As Kuketz noted, while these trackers might not represent malicious intent on the developers’ part, “what data these modules collect and transmit to the third-party providers is sometimes not even known to the app developers themselves.”
If you’re looking for an alternative to LastPass, check out ZDNet’s recommendations or follow the discussion of other options over on Reddit.
- Google plans to stop tracking you. Google announced its intention to halt ads that rely on tracking codes that monitor where you go on the Internet. Furthermore, the company claims that it will no longer build tools that can track your web history and will remove support for third-party cookies within the Chrome browser. As Google noted in a March 3 statement, their goal is to “build innovations that protect anonymity while still delivering results for advertisers and publishers.” This announcement represents a major shift in how Google monetizes its services and may have big implications for companies relying on tracking codes and Google Ads. Engadget’s reporting suggests that these decisions may be Google’s attempt to proactively avoid facing new data privacy regulations from the U.S. and the European Union, among others.
- Bug bounty success. Hacker News reports Microsoft awarded $50,000 to Laxman Muthiyah, who reported a flaw in the company’s authentication system. After hours of running tests on their password number verification system, Muthiyah cracked the encryption designed to prevent an attacker from simultaneously submitting all 10 million verification codes. Using Microsoft’s bounty system, he alerted the company to the potential security risk that could have exposed user accounts. And this isn’t his first success — he previously hacked Instagram’s accounts in a similar fashion, earning him a hefty $30,000 from their bug bounty program.
Tip of the week
There’s an easy way to stay on top of tech news, discover WordPress best practices, learn how to get the most out of domains and hosting, find out about special deals, and more. Subscribe to the Namecheap blog and receive an email each time we publish a new article.
Don’t spend another moment in the dark — scroll down to the bottom of this article or click this link to subscribe and join in the fun!