Alexander Hanff

@thatprivacyguy@eupolicy.social

Privacy Advocate

Amazon Ring's Familiar Faces is a textbook example for ECD

Amazon's Ring Familiar Faces biometrically scans every person who approaches a Ring doorbell, performs the match in Amazon's cloud rather than on the device that could have done it locally, and stores faceprints of non-consenting strangers for up to thirty days. The architectural choice produces two independent breaches: a GDPR exposure the household-activity…

thatprivacyguy.com/blog/amazon

#ai #climate #consent #environment #esg #law #gdpr

Amazon Ring's Familiar Faces is a textbook example for ECD
ALT

Google Chrome silently installs a 4 GB AI model on your device without consent. At a billion-device scale the climate costs are insane.

Google Chrome is downloading a 4 GB Gemini Nano model onto users' machines without consent, with no opt-in, no opt-out short of enterprise tooling, and an automatic re-download every time the user deletes it. The pattern is…

thatprivacyguy.com/blog/chrome

#ai #privacy #eprivacy #compliance #gdpr #google #chrome #gemini #esg #environment #sustainability #climate #law

Google Chrome silently installs a 4 GB AI model on your device without consent. At a billion-device scale the climate costs are insane.
ALT

Anthropic secretly installs spyware when you install Claude Desktop

Anthropic's Claude Desktop silently installs a Native Messaging bridge into seven Chromium browsers, including browsers Anthropic's own documentation says it does not support, and browsers the user has not even installed.

thatprivacyguy.com/blog/anthro

#ai #privacy #eprivacy #compliance #infosec #gdpr #law #cyber #security #anthropic #claude

Anthropic secretly installs spyware when you install Claude Desktop
ALT

The MEP investigating spyware was keeping his whole life on the phone that got hacked

Pegasus infected the phone of an MEP who sat on the committee investigating it - a real assault on democracy. It also came out that he kept fifteen years of everything on that one phone and missed three warnings from Apple - and that's a failure we have to talk about too.

thatprivacyguy.com/blog/mep-sp

#surveillance #spyware #pegasus #cybersecurity #eu #pega #edps #privacy

The MEP investigating spyware was keeping his whole life on the phone that got hacked
ALT

The United Nations runs Google's ad-tech on its own website, without consent, while telling the rest of us to account for AI's footprint

The UN demands AI accountability while running Google ad-tech, analytics and tracking on its own website - with no consent and a measurable, avoidable carbon cost.

thatprivacyguy.com/blog/un-tra

#privacy #gdpr #eprivacy #environment #tracking #un #esg #HumanRights #hypocrisy #adtech #ai

The United Nations runs Google's ad-tech on its own website, without consent, while telling the rest of us to account for AI's footprint
ALT

Google quietly removes the on-device AI privacy assurance from Chrome's Settings UI

Google has quietly removed the privacy assurance from Chrome's on-device AI Settings UI. The sentence promising that the model runs locally without sending data to Google's servers has been deleted, and the toggle moved out of the System block to reduce the chance the change is noticed. There are three plausible reasons for tha…

thatprivacyguy.com/blog/google

#ai #chrome #consent #compliance #eprivacy #gdpr #google

Google quietly removes the on-device AI privacy assurance from Chrome's Settings UI
ALT

I told them forced consent was unlawful. Five years later it cost Elkjop €1.8 million

Datatilsynet just fined Elkjop NOK 20 million (€1.8m) for the forced consent in its loyalty club — five years after I told their DPO it was unlawful.

thatprivacyguy.com/blog/elkjop

#gdpr #eprivacy #consent #enforcement #loyaltyclubs #SurveillanceCapitalism #spam #adtech #compliance

I told them forced consent was unlawful. Five years later it cost Elkjop €1.8 million
ALT