California Considers Pushing Data Disclosure Envelope Again

California, which set the standard for data breach notifications nationwide, is again seeking to set a precedent by becoming the first state in the nation to require companies upon request disclose to California consumers the data they’ve collected and to whom it was shared during the past year. They would be required to respond within 30 days and provide the report for free.

Firefox 20 Fixes 11 Critical Flaws, Adds Per-Tab Private Browsing

Mozilla has added a new privacy feature to Firefox that enables users to begin a new private browsing session in a separate tab while still running a normal session in other tabs. Firefox 20 also includes patches for 11 critical security vulnerabilities.The new version of Firefox expands the capabilities of the private browsing function in the browser, a feature that allows users to browse without any cookies, logs or any other data retention.

Alma Whitten, the director of privacy at Google, is stepping down from that role and leaves behind her a complicated legacy in regards to user privacy. Whitten has been the company’s top product and engineering privacy official since 2010 and was at the helm as the company navigated a number of serious privacy scandals and controversies.

The Government Communications Headquarters (GCHQ), one of Britain’s top intelligence agencies, has admitted it sometimes emails passwords in plain text to those who apply for jobs on its site.It was revealed in the last week that those who apply for jobs through the GCHQ’s recruitment portal are emailed their password in plain text after filling out the forgotten password feature on the site.

With less than three full months gone in 2013, Facebook, Apple and Microsoft all have admitted publicly to serious security breaches, something that would have seemed like an elaborate practical joke just a couple of years ago. But the times and the climate have changed, and if you needed more evidence of these facts, it arrived last week in the form of the first Microsoft Transparency Report. 

Apple has implemented a deadline for when it will reject apps that access devices’ unique device identifier numbers, or UDIDs. Apple has been phasing out the 40-character string of letters and numbers over the last year, yet according to a post on Apple’s Developers site yesterday, this appears to be the final word: Any new apps or app updates that access UDIDs will not be accepted beginning May 1.

Microsoft received more than 11,000 requests for user information or content data from law enforcement agencies in the United States last year and supplied some user content in more than 1,500 of those cases. Overall, the company received more than 70,000 requests from law enforcement agencies worldwide and gave up some user content in 2.2 percent of those cases.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.