If you purchase via links on our site, we may receive affiliate commissions.

6 examples of online privacy violation

15 April 2020

Most people share data without thinking about it. They provide information to companies while purchasing merchandise, signing up for email lists, downloading apps and more. They also expect the respective enterprises to safeguard those details.

Unfortunately, the businesses in question often fall short of the task, exposing valuable data. The resulting violation of privacy laws can lead to huge fines and eroded public trust.

Here are six recent examples of companies that failed to do everything they could to respect users' privacy.

1. Zoom gave data to third parties without users' knowledge

An April 2020 piece from The New York Times alleged that popular video conferencing site Zoom engaged in undisclosed data mining during user conversations. The coverage asserted that when a person signed into a meeting, Zoom transmitted their data to a system that matched individuals with their LinkedIn profiles.

The incident happened via a subscription-based tool called LinkedIn Sales Navigator that Zoom offered customers to assist with their marketing needs.

Moreover, when someone signed into a Zoom meeting with an anonymous name, the tool still connected that person to their respective LinkedIn profile. Thus, the person had their real name revealed to a fellow user despite efforts to keep it private. Zoom promised to disable the tool and remove it from the company's offerings.

2. Google violated children's privacy laws

Google is under fire for violation of privacy laws, recent reports say. A California federal court received a lawsuit from two children suing the tech giant through their father. The pair assert that the G Suite for Education platform unlawfully collects biometric data from kids who use it. If so, that action would likely mean Google disregarded the Children's Online Privacy Protection Act (COPPA), a federal mandate that requires getting parental consent before gathering data from minors under 13. Moreover, the company may face allegations of violations associated with state biometric laws. The issues could affect millions of kids and their privacy.

3. Hackers dump confidential law firm data

A law firm's document management system (DMS) contains all the legal documents about its clients. Some include records spanning 10 to 20 years, making it especially necessary to protect the data. Privacy violations sometimes occur due to inadequate cybersecurity. For example, the Maze hacker group targeted Texas law firm Baker Wotring and published a "full dump" of the organization's data. The incident was a ransomware attack, and the leak likely happened when the cybercriminals did not receive the requested payment. The compromised records included case diaries, consent forms and more.

4. Facebook fined for its role in Cambridge Analytica data harvesting

Federal officials in the United States carried out a 16-month investigation and determined Facebook repeatedly misled its users and compromised efforts to safeguard privacy. That decision came after Cambridge Analytica used a third-party app to harvest data from a Facebook quiz for political purposes.

The Federal Trade Commission (FTC) fined Facebook $5 billion for the infractions, the largest amount ever imposed on a company for a consumer privacy regulation.

5. Ring Doorbell app allegedly loaded with trackers

The Ring doorbell has an accompanying app that lets people see, hear and speak to individuals who arrive on their doorsteps — even without being home. Unfortunately, when the Electronic Frontier Foundation (EFF) investigated the Android version, it discovered numerous third-party trackers. The researchers say that Ring sent data to four outside entities, providing them with personally identifiable information.

The transmitted details include names, IP addresses and data from users' device sensors. The EFF warned that recipients could combine all the information to get a unique user picture.

6. WhatsApp flaw sacrificed the privacy of top government officials

Privacy violations also happen if malicious parties exploit weaknesses in widely used apps. Such a situation unfolded when NSO Group, an Israeli hacking tool developer, allegedly built and sold a product that allowed the infiltration of WhatsApp's servers due to an identified weakness. This problem caused at least 1,400 users to have their mobile phones hacked within approximately two weeks in April and May 2019.

A sizeable segment of the identified victims were reportedly high-profile government officials located in at least 20 countries. Early investigative efforts failed to confirm the perpetrators that used the tool from NSO Group.

How to protect online privacy

There's a good chance that most of the companies mentioned here are familiar. It's understandable, then, to worry whether it is safe to keep using products from the brands. That's a highly personal decision. Companies and individuals alike can take decisive steps to protect their privacy by:

and unscrupulous behavior
Reading all privacy and user agreements before signing up for a service or app
Restricting the type and number of permissions that installed apps have on devices
Reviewing all current privacy settings for apps and sites at least monthly, and tweaking them as necessary
Staying abreast of cybersecurity news to learn about relevant violations of privacy laws, breaches Downloading apps from reputable sources, such as official websites or app stores that vet content and remove harmful software

Knowing how to protect your privacy increases the chances that valuable details will remain in your control. Otherwise, the likelihood goes up of private data falling into the wrong hands and getting misused.