
FTC Refuses to Lift Ban on Stalkerware Company that Exposed Sensitive Data


A stalkerware maker that was banned from the surveillance industry after a data breach leaked information about its customers and the people they were spying on will stay banned. Consumer spyware company Support King still can't sell surveillance software, the US Federal Trade Commission (FTC) said.

The FTC has denied founder Scott Zuckerman's request to cancel the ban, which also applies to the subsidiaries OneClickMonitor and SpyFone.

The FTC recently announced the move in a press release, after Zuckerman petitioned the agency in July 2025 to cancel the ban order.

In 2021, the FTC banned Zuckerman from “offering, promoting, selling, or advertising any surveillance app, service, or business,” and stopped him from running other stalkerware businesses. Zuckerman also had to delete all the data stored by SpyFone and undergo various audits to implement cybersecurity measures for his ventures. Samuel Levine, then acting director of the FTC's Bureau of Consumer Protection, said that the "stalkerware was hidden from device owners, but was fully exposed to hackers who exploited the company’s slipshod security."

In his petition, Zuckerman said that the FTC mandate has made it difficult for him to conduct other businesses due to monetary losses, even though Support King is out of business and he now only operates a restaurant and plans other ventures.

The ban stems from a 2018 incident in which a researcher discovered a SpyFone Amazon S3 bucket that left sensitive data such as selfies, chats, texts, contacts, passwords, logins, and audio recordings exposed online. The leaked data included 44,109 email addresses.

According to Levine, “SpyFone is a brazen brand name for a surveillance business that helped stalkers steal private information."

According to TechCrunch, Zuckerman started running another stalkerware firm after the 2021 order. In 2022, TechCrunch found breached data from the stalkerware application SpyTrac.

According to the data, SpyTrac was run by freelance developers who had direct links with Support King. It was an attempt to escape the FTC ban. Additionally, the breached data contained records from SpyFone, which Support King was supposed to delete. Besides this, the data also contained access keys to the cloud storage of OneClickMonitor, another stalkerware application.

Waymo Robotaxi Films Deadly San Francisco Shooting

 

A Waymo autonomous vehicle may have captured video footage of a fatal shooting incident in San Francisco's Mission neighborhood over the weekend, highlighting the emerging role of self-driving cars as potential witnesses in criminal investigations. The incident resulted in one man's death and left another person critically injured.

The incident and arrest

According to 9-1-1 dispatcher calls cited by the San Francisco Standard, a Waymo robotaxi was parked near the crime scene during the shooting. Police have identified the suspect as 23-year-old Larry Hudgson Jr., who was subsequently arrested without incident in a nearby neighborhood and booked into county jail. It remains unclear whether law enforcement has formally requested footage from the autonomous vehicle.

Privacy concerns

Waymo vehicles are equipped with extensive surveillance technology, featuring at least 29 cameras on their interiors and exteriors that continuously monitor their surroundings. This comprehensive camera coverage has drawn criticism from privacy advocates who describe the vehicles as "little mobile narcs" capable of widespread surveillance. The company maintains it does not routinely share data with law enforcement without proper legal requests.

Company policy on law enforcement access

Waymo co-CEO Tekedra Mawakana explained the company's approach during an interview with the New York Times podcast Hard Fork, emphasizing transparency in their privacy policy. The company follows legal processes when responding to footage requests and narrows the scope as necessary. Waymo representatives have stated they actively challenge data requests lacking valid legal basis or those considered overbroad.

This incident exemplifies how smart devices increasingly contribute to the surveillance economy and criminal investigations. Similar cases include Amazon being ordered to provide Echo device data for a 2017 New Hampshire murder investigation, Tesla cameras assisting in hate crime arrests in 2021, and Uber Eats delivery bot footage used in an abduction case. As autonomous vehicles become more prevalent in American cities, their role as digital witnesses in criminal cases appears inevitable.

Iran Attacks Israeli Cybersecurity Infrastructure


The National Cyber Directorate identified a series of cyberattacks, possibly linked to Iran, that targeted Israeli organisations offering IT services to companies in the country.

Earlier this month, the failed cyberattack against Shamir Medical Center on Yom Kippur leaked emails that contained sensitive patient information. The directorate found it to be an Iranian attack aimed at disrupting the hospital's functions.

Fortunately, the attack was mitigated before it could do any damage to the hospital's medical record system.

The directorate found that threat actors used stolen data to get access to the targeted infrastructure. Most attacks did no damage; some, however, caused data leaks. Due to immediate communications and response, the incidents were addressed quickly. “In the case of Shamir Medical Center, beyond the data leak, the very attempt to harm a hospital in Israel is a red line that could have endangered lives,” the directorate said.

European gang behind the attack

Initially, a ransomware gang based out of Eastern Europe claimed responsibility and posted a ransom demand with a 72-hour window. But Israeli officials later discovered that Iranian threat actors launched the attack.

According to officials, the incident was connected to a wider recent campaign against Israeli organisations and critical service providers. Over 10 firms suffered cyberattacks that exploited bugs in digital service providers inside their supply chains.

According to the Jerusalem Post, "Since the start of 2025, Israel has thwarted dozens of Iranian cyberattacks targeting prominent civilians, including security officials, politicians, academics, journalists, and media professionals. The Shin Bet security agency said these operations aim to collect sensitive personal data that could later be used in physical attacks within Israel, potentially carried out by locally recruited operatives."

Surveillance Pricing: How Technology Decides What You Pay




Imagine walking into your local supermarket to buy a two-litre bottle of milk. You pay $3, but the person ahead of you pays $3.50, and the next shopper pays only $2. While this might sound strange, it reflects a growing practice known as surveillance pricing, where companies use personal data and artificial intelligence (AI) to determine how much each customer should pay. It is a regular practice, and because we are directly subjected to it, we need to understand how it works.


What is surveillance pricing?

Surveillance pricing refers to the use of digital tracking and AI to set individualised prices based on consumer behaviour. By analysing a person’s online activity, shopping habits, and even technical details like their device or location, retailers estimate each customer’s “pain point”, the maximum amount they are likely to pay for a product or service.

A recent report from the U.S. Federal Trade Commission (FTC) highlighted that businesses can collect such information through website pixels, cookies, account registrations, or email sign-ups. These tools allow them to observe browsing time, clicks, scrolling speed, and even mouse movements. Together, these insights reveal how interested a shopper is in a product, how urgent their need may be, and how much they can be charged without hesitation.


Growing concerns about fairness

In mid-2024, Delta Air Lines disclosed that a small percentage of its domestic ticket pricing was already determined using AI, with plans to expand this method to more routes. The revelation led U.S. lawmakers to question whether customer data was being used to charge certain passengers higher fares. Although Delta stated that it does not use AI for “predatory or discriminatory” pricing, the issue drew attention to how such technology could reshape consumer costs.

Former FTC Chair Lina Khan has also warned that some businesses can predict each consumer’s willingness to pay by analysing their digital patterns. This ability, she said, could allow companies to push prices to the upper limit of what individuals can afford, often without their knowledge.


How does it work?

AI-driven pricing systems use vast amounts of data, including login details, purchase history, device type, and location, to classify shoppers by “price sensitivity.” The software then tests different price levels to see which one yields the highest profit.

The FTC’s surveillance pricing study revealed several real-world examples of this practice:

  1. Encouraging hesitant users: A betting website might detect when a visitor is about to leave and display new offers to convince them to stay.
  2. Targeting new buyers: A car dealership might identify first-time buyers and offer them different financing options or deals.
  3. Detecting urgency: A parent choosing fast delivery for baby products may be deemed less price-sensitive and offered fewer discounts.
  4. Withholding offers from loyal customers: Regular shoppers might be excluded from promotions because the system expects them to buy anyway.
  5. Monitoring engagement: If a user watches a product video for longer, the system might interpret it as a sign they are willing to pay more.


Real-world examples and evidence

Ride-hailing platforms have long faced questions about this kind of data-driven pricing. In 2016, Uber’s former head of economic research noted that users with low battery life were more likely to accept surge pricing. A 2023 Belgian newspaper investigation later reported small differences in Uber fares depending on a phone’s battery level. Uber denied that battery status affects fares, saying its prices depend only on driver supply and ride demand.


Is this new?

The concept itself isn’t new. Dynamic pricing has existed for decades, but digital surveillance has made it far more sophisticated. In the early 2000s, Amazon experimented with varying prices for DVDs based on browsing data, sparking backlash from consumers who discovered the differences. Similarly, the UK’s Norwich Union once used satellite tracking for a “Pay As You Drive” car insurance model, which was discontinued after privacy concerns.


The future of pricing

Today’s combination of big data and AI allows retailers to create precise, individualised pricing models that adjust instantly. Experts warn this could undermine fair competition, reduce transparency, and widen inequality between consumers. Regulators like the FTC are now studying these systems closely to understand their impact on market fairness and consumer privacy.

For shoppers, awareness is key. Comparing prices across devices, clearing cookies, and using privacy tools can help reduce personal data tracking. As AI continues to shape how businesses price their products, understanding surveillance pricing is becoming essential to protect both privacy and pocket.


Satellites Found Broadcasting Sensitive Data Without Encryption

 



A recent academic study has revealed alarming security gaps in global satellite communications, exposing sensitive personal, corporate, and even military information to potential interception. Researchers from the University of California, San Diego, and the University of Maryland discovered that a large portion of geostationary satellites transmit unencrypted data, leaving them open to eavesdropping by anyone with inexpensive receiving equipment.

Over a three-year investigation, the research team assembled an $800 receiver setup using readily available components and placed it on the roof of a university building in La Jolla, California. By adjusting their dish toward various satellites visible from their location, the team intercepted streams of data routinely transmitted from orbit to ground-based receivers. To their surprise, much of this information was sent without any encryption or protective measures.

The intercepted traffic included mobile phone calls and text messages linked to thousands of users, in-flight Wi-Fi data from airlines, internal communications from energy and transportation systems, and certain military and law enforcement transmissions revealing positional details of personnel and assets. These findings demonstrate that many critical operations rely on satellite systems that fail to protect private or classified data from unauthorized access.

According to the researchers, nearly half of all geostationary satellite signals they analyzed carried unencrypted content. However, their setup could only access about 15 percent of the satellites in orbit, suggesting that the scale of exposure could be significantly higher. They presented their findings in a paper titled “Don’t Look Up,” which highlights how the satellite industry has long relied on the assumption that no one would actively monitor satellite traffic from Earth.

After identifying the vulnerabilities, the researchers spent months notifying affected organizations. Several companies, including major telecom providers, responded quickly by introducing encryption and tightening their satellite communications. Others, particularly operators of older or specialized systems, have yet to implement necessary protections.

Experts in cybersecurity have called the study a wake-up call for both industry and government agencies. They stress that satellite networks often act as the communication backbone for remote locations, from offshore platforms to rural cell towers, and unprotected data transmitted through these systems poses a serious privacy and security risk.

The findings underline the pressing need for standardized encryption protocols across satellite networks. As the reliance on space-based communication continues to grow, ensuring the confidentiality and integrity of transmitted data will be vital for national security, business operations, and personal privacy alike.




ICE Uses Fake Cell Towers to Spy on Users

Federal contract to spy

Earlier this year, US Immigration and Customs Enforcement (ICE) paid $825,000 to a company that builds vehicles fitted with technology for law enforcement, including fake cellphone towers called "cell-site simulators" that are used to surveil phones.

The contract was made with a Maryland-based company called TechOps Specialty Vehicles (TOSV). TOSV signed another contract with ICE for $818,000 last year during the Biden administration.

The latest federal contract shows some of the technologies being used to support the Trump administration's deportation crackdown.

In September 2025, Forbes discovered an unsealed search warrant that revealed ICE used a cell-site simulator to spy on a person who was allegedly a member of a criminal gang in the US, and was asked to leave the US in 2023. Forbes also reported on finding a contract for "cell site simulator."

About ICE

Cell-site simulators were also called "stingrays." Over time, they have come to be known as IMSI catchers, after the International Mobile Subscriber Identity (IMSI), a unique number used to track every cellphone user in the world.

These tools mimic a cellphone tower and can fool every device in range into connecting to them, allowing law enforcement to identify the real-world location of phone owners. Some cell-site simulators can also intercept texts, internet traffic, and regular calls.

Authorities have been using Stingray devices for more than a decade. Their use is controversial because authorities sometimes don't get a warrant.

According to experts, these devices ensnare innocent people, and their use is kept secret because the authorities are under strict non-disclosure agreements not to disclose how the devices work. ICE has been infamous for using cell-site simulators. In 2020, a document revealed that ICE used them 466 times between 2017 and 2019.

Danish Developer’s Website Sparks EU Debate on Online Privacy and Child Protection

 



In August, a 30-year-old developer from Aalborg, identified only as Joachim, built a platform called Fight Chat Control to oppose a proposed European Union regulation aimed at tackling the spread of child sexual abuse material (CSAM) online. The EU bill seeks to give law enforcement agencies new tools to identify and remove illegal content, but critics argue it would compromise encrypted communication and pave the way for mass surveillance.

Joachim’s website allows visitors to automatically generate and send emails to European officials expressing concerns about the proposal. What began as a weekend project has now evolved into a continent-wide campaign, with members of the European Parliament and national representatives receiving hundreds of emails daily. Some offices in Brussels have even reported difficulties managing the flood of messages, which has disrupted regular communication with advocacy groups and policymakers.

The campaign’s influence has extended beyond Brussels. In Denmark, a petition supported by Fight Chat Control gained more than 50,000 signatures, qualifying it for parliamentary discussion. Similar debates have surfaced across Europe, with lawmakers in countries such as Ireland and Poland referencing the controversy in national assemblies. Joachim said his website has drawn over 2.5 million visitors, though he declined to disclose his full name or employer to avoid associating his workplace with the initiative.

While privacy advocates applaud the campaign for sparking public awareness, others believe the mass email tactic undermines productive dialogue. Some lawmakers described the influx of identical messages as “one-sided communication,” limiting space for constructive debate. Child rights organisations, including Eurochild, have also voiced frustration, saying their outreach to officials has been drowned out by the surge of citizen emails.

Meanwhile, the European Union continues to deliberate the CSAM regulation. The European Commission first proposed the law in 2022, arguing that stronger detection measures are vital as online privacy technologies expand and artificial intelligence generates increasingly realistic harmful content. Denmark, which currently holds the rotating presidency of the EU Council, has introduced a revised version of the bill and hopes to secure support at an upcoming ministerial meeting in Luxembourg.

Danish Justice Minister Peter Hummelgaard maintains that the new draft is more balanced than the initial proposal, stating that content scanning would only be used as a last resort. However, several EU member states remain cautious, citing privacy concerns and the potential misuse of surveillance powers.

As European nations prepare to vote, the controversy continues to reflect a broader struggle: finding a balance between protecting children from online exploitation and safeguarding citizens’ right to digital privacy.



Trump's ICE Expands Surveillance Tech for Deportation Crackdown

 

Immigration and Customs Enforcement (ICE) has assembled an extensive digital arsenal to support President Trump's mass deportation campaign, which has resulted in approximately 350,000 deportations in the first eight months of his administration. The agency utilizes sophisticated surveillance and identification technologies to locate and track undocumented immigrants across the United States.

Facial recognition technology

ICE has significantly expanded its relationship with Clearview AI, signing a $3.75 million contract in September 2025 to support Homeland Security Investigations (HSI) with facial recognition capabilities.

This follows previous contracts totaling nearly $2 million since 2023 for forensic software and enterprise licenses. Clearview AI maintains a massive database of photos scraped from the internet, enabling identification of individuals through facial recognition searches.

Spyware and phone surveillance 

The agency reactivated a $2 million contract with Israeli spyware maker Paragon Solutions after the Trump administration lifted a Biden-era stop work order in September 2025. This contract provides ICE with proprietary surveillance solutions including hardware, software, and training capabilities.

Additionally, ICE's HSI division signed a $3 million contract with Magnet Forensics for phone hacking technology, specifically Graykey devices that can unlock encrypted smartphones and extract digital evidence.

Data analytics and surveillance 

Palantir Technologies serves as ICE's primary data analytics partner through multiple contracts totaling over $140 million. The company's Investigative Case Management (ICM) database allows ICE to filter individuals based on immigration status, physical characteristics, criminal affiliations, and location data.

Palantir is also developing "ImmigrationOS," designed to streamline deportation operations and provide real-time visibility into immigration activities.

Public records access

ICE maintains a $4.7 million annual subscription to LexisNexis databases, providing access to public records and commercial data through the Accurint Virtual Crime Center. Documents revealed that ICE conducted over 1.2 million searches in seven months during 2022, using the system for background checks and predictive surveillance of migrants before crimes are committed.

This technological infrastructure enables ICE to conduct comprehensive surveillance operations, from facial recognition identification to detailed data analytics, supporting the administration's expanded immigration enforcement efforts.