With advances in voice recognition and machine learning, we see an increasing number of products that implement some form of vocal interaction. Popular ones include Google Home and Amazon Echo, as well as smaller digital assistants such as Apple’s Siri and Microsoft’s Cortana. Recently, companies such as Mattel have developed toys with voice interaction features for children, such as the Hello Barbie doll. However, with increases in artificial intelligence come increases in data collection, and with increases in data collection come increases in privacy concerns.
Parents and privacy advocates alike expressed concern over Hello Barbie’s potential to store records of intimate conversations. Concerns intensified when it was reported that the toy was susceptible to remote hacking through wireless networks. The latest companies under fire are Chinese-based toy manufacturer Genesis Toys and US software tech company Nuance Communications. In December 2016, the Electronic Privacy Information Center (EPIC), along with the Campaign for a Commercial Free Childhood, the Center for Digital Democracy, and the Consumers Union have filed a complaint with the Federal Trade Commission (FTC) about legal concerns relating to privacy in two toys, My Friend Cayla and i-Que Intelligent Robot, designed by Genesis with software written by Nuance. The complaint alleges that the companies violate a 1998 law, the Children’s Online Privacy Protection Act (COPPA), due to deceptive data collection without proper notice or parental consent.
Most Facebook users have encountered a key feature of the social media service when uploading photos: suggested tags based on facial recognition (“Tag Suggestions”). This feature has remained unchallenged until recently, when a class-action lawsuit was filed against the tech giant, claiming that key elements of this feature violate Illinois’ Biometric Information Privacy Act (BIPA), a law enacted in 2008. The law, which was originally drafted by Illinois’ ACLU chapter, states that private entities collecting biometric information (defined as “a retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry”) must provide public information about their data retention policy as well as guidelines for data destruction. BIPA also prevents companies from selling or trading such information, and requires that they protect such data as they would other confidential or sensitive information.
Des Plaines resident James Gertie has filed a class-action suit against McDonald’s and the local Karis Management company, which owns and operates multiple Chicago-area McDonald’s restaurants. The suit alleges consumer fraud and deceptive practices, claiming that the franchise’s menu contains false advertising.
The class action lawsuit filed against the defunct Trump U alleges, among other ignominious charges, “financial elder abuse.” Controversy surrounding the for-profit “university” enterprise came to a head after the presiding judge ruled for the release of sensitive documents to the public. In them, former employees described ruthless sales tactics the university would use to convince vulnerable sections of the population to sign up for expensive classes with, allegedly, no real educational value. The company claimed to teach students Trump’s strategies for success, and instructors were purportedly “hand-picked” by Trump to teach the students the key to successful investing.
Theranos, a company once hailed as a revolution in modern medicine, has been hit with several class action lawsuits in the past week. The company claimed that state of the art machine named “Edison” would change the world by radically reducing the time and amount of blood necessary for blood tests. Far from the promised game changing innovation however, the lawsuits allege that the company engaged in false advertising and failed to follow proper medical lab procedure, possibly exposing consumers to inaccurate lab results.
Between 2008 and 2009, Wyndham Hotels and Resorts was successfully hacked three times. Rather than the scenario resembling an arms race however, with increasingly proficient hackers up against Wyndham’s increasingly elaborate cyber security, the hackers used similar methods in all three data breaches.
The most recent 2016 LinkedIn data breach is a continuation of the original data breach that occurred in 2012. At the time, LinkedIn’s investigation revealed 6.5 million stolen username and password combinations, and took precautionary measures to re-secure those accounts.
On May 19th however, a Russian hacker with the moniker “Peace” was confirmed to be selling a database of 117 million usernames and passwords from the 2012 data breach, making it clear that the scope of the original incident was far wider than users had been led to be believe.