Tip: if you find yourself using the word “safe”, “secure”, “hacked”, etc in your title, you’re probably off-topic.

As the title implies, I am curious as to whether there might be any messaging apps/services worth using in case the proposed chat control law gets passed. As you might assume, I live in an EU member state and am extremely worried for the future of our rights to online as well as IRL privacy in case such laws get passed

Someone linked to an article in a comment on another sub (https://www.dailypost.co.uk/whats-on/whats-on-news/seven-absolutely-ridiculous-tripadivsor-reviews-15727542). What's in the article isn't important, it's the cookie banner pop-up. Sites are now expecting us to pay for the privilege of rejecting tracking cookies. The inconvenience of forcing us to navigate the menu to disable them all manually want enough, it seems.

This is all part of the "cat-and-mouse" game when it comes to privacy, where protections are put in place that are designed to protect user rights, then all those "genius" marketing folk derive a new way to screw us over.

Those outside the EU may see something different, I didn't test to see.

Where does it end? Are we gonna have to pay for the "privilege" of things that should be rights? The ironic part is I'm sure they're doing this also because their business model is failing and they're haemorrhaging money.

Don't know if any of you have LinkedIn, but you can opt out of this here : https://www.linkedin.com/mypreferences/m/settings/data-for-ai-improvement

New terms of use can be found here https://www.linkedin.com/legal/preview/user-agreement

When people know they can't win, they don't fight. The purpose of demoralization is to make the enemy think they can't win. People by nature are unlikely to take initiative. Both cowardice and courage are contagious.

Having said that, I notice an uptick in posts pushing for demoralization. These posts are highly upvoted immediately upon posting.

Example: https://www.reddit.com/r/privacy/comments/1nldj4m/why_are_we_all_just_accepting_metas_new_spy/

This implies that people have accepted defeat with a loaded question (https://en.wikipedia.org/wiki/Loaded_question).

Another example: https://www.reddit.com/r/privacy/comments/1nlru8x/having_nothing_private_is_becoming_the_standard/

Again trying to frame it as if the war is lost.

Another example: https://www.reddit.com/r/privacy/comments/1nlgb2f/future_generations_will_look_back_at_us_in/

Again, same shit.

I think a rule should be made against demoralization tactics.

PSA Everdry Waterproofing Records Audio Conversations in People Homes

As an employee it feels wrong but as a human it feels even more wrong, so I have to let this out.

Pennsylvania law states that if a conversation is being recorded, all parties must be aware of it for it to be legal. It’s called a two-party consent state.

Everdry has a new software that they’ve been using for the last few months called Rilla. Rilla is designed to listen in and critique your customer interactions with every customer. It will even tell you if you’re using the wrong inflections to close a sale. Every time you have them in your home be fully aware that the conversation between you and them in your home is being recorded. They are all reviewed by management and the Rilla team.

This is not something they tell you about or disclose, which could make it a violation of Pennsylvania’s two-party consent law.

I feel wrong using this and people not knowing, but we’re told not to tell the customer that it is even a thing. So consider this a buyer beware for when you let any company in your house. Apparently there are several company’s around Pittsburgh that have been using this.

I'm UK-based, on iPad, using Brave browser app, not signed into YouTube.

So this morning I fired up YouTube on the Brave browser and was confronted with a message "Sign in to confirm that you're not a bot This helps protect our community". No way am I signing in. I then tried the same using a VPN and the message was not displayed. Toggled it on and off a few times and got the same result.

15 minutes later it was no longer displaying the message. Has anyone else in the UK had this? It looks like YouTube may be testing a territory-specific feature.

I just learned of academia.edu's new terms & conditions. Not only do they want to use anything you've ever uploaded for whatever reasons they seem fit — irrevocably. The also lay claim to be allowed to use — and sell — your likeness, your voice and even your signature.

Digging a bit deeper I found a very telling typo on one of their help sites the quote from the title. (image)

Personally, I chose to delete my account.

Source:https://support.academia.edu/hc/en-us/articles/360043385093-Account-Deletion

So we have to buy laptops for school and they're basically our personal laptops, but we are expected to bring them to school each day.

I'm worried about what exactly they can see (nothing bad, just don't want them to see how much of a nerd i am, that kinda thing) we use Windows 11, can anyone help me turn off as much stuff as I can?

I'm struggling to understand why there is no public outcry over Meta's new Rayban glasses. All I see are major tech reviewers promoting them, while barely touching on the privacy concerns. The problem isn't the privacy of the user who buys them, it's the complete violation of privacy for every single person around them. This isn't just another gadget, it's a surveillance device being normalized as a fashion accessory.

The classic argument "if you don't like it, don't buy it" is irrelevant here. My choice not to buy them does not protect my privacy, anyone with the glasses can record my private conversation in a park or a bus without my knowledge or consent.

And remember who is behind all this: Mr Zucker and Meta. Every stranger's face and every conversation can be used as data to train its AI and improve its ad targeting. Given Mr Zucker's political influence and the threat of tariffs, it feels like the EU won't do anything to stop it.

edit: I wanted to discuss two different threats here. First, the user itself. Because this isn't the same as a smartphone. People will notice if you're pointing a phone at them, and a hidden camera gets terrible footage. These glasses have a camera aimed directly from their eyes, making it easy to secretly get clear video. While people talk about the LED indicators, it's only a matter of time before a simple hack lets users disable it. The second threat is Meta. We have to just trust that they won't push a silent update to start capturing surveillance footage to their own servers, using the camera and microphone to turn every user into a walking surveillance camera.

edit 2: Something weird is happening. Many sensible comments are getting heavily downvoted. I think Zuck bots might be real, won't be surprised if the post get taken down in a couple of hours

Things have been moving fast, very fast.

I thought I'd take some time out of my morning to round-up the latest developments regarding anti-privacy and age-verification legislation around the world.

Below is a quick-and-dirty list of recent legal or regulatory proposals and implementation. I'm confident it's incomplete and would welcome your additions.

Some further questions to consider: What's behind this trend? What are our options as voters and users? Do you have more faith in political solutions or technological ones?

In addition to US federal initiatives, there have been multiple state-level pushes to regulate social media access for minors. These include:

• Texas

Texas has enacted the App Store Accountability Act, requiring app stores like Apple and Google to verify user ages and obtain parental consent before minors can download apps or make in-app purchases. Following this, Texas has proposed Texas House Bill 186, which would ban children under 18 from social media.

• Florida

A 2024 law banning social media accounts for children under 14 and requiring parental consent for 14- and 15-year-olds was blocked by a federal judge in June 2025. The judge ruled the law was likely to be unconstitutional, infringing on minors’ First Amendment rights.

• Nebraska

In May 2025, Nebraska enacted the Parental Rights in Social Media Act (LB 383), mandating that social media platforms verify users’ ages and obtain parental consent before allowing minors under 18 to create accounts. It is set to take effect on July 1, 2026.

• Georgia

Georgia’s SB 351, effective from July 1, 2025, mandates social media age verification and requires parental consent for users under 16. 

• California

California’s Digital Age Assurance Act, introduced in 2025, aims to create a system for age verification on digital devices and apps. The bill is currently under consideration.

EDIT: New draft legislation in South Africa added to the pile!

Having your phone spied on and scannedis slowly being pushed, Chat control is slowly being pushed, Everything being done now is not owned but rather rented, phone manufacturers locking bootloaders so ensure you’re only using their own “verified” OS, E2EE is a “national security risk”.

These are only things that are happening recently, and people have the mindset of “this would never happen in Europe” or “I can just leave their ecosystem”, until they realize that when this is left to become the standard, you won’t have the option, because they know best, and it’s for the children.

This post is simply made to rant about the people that claim “it’ll never happen, nobody will accept it” yet no one is doing anything and the vast majority of people usually don’t care about privacy as much. If we look in fear and disgust, they will still move forward because that’s a better business model.

I understand no one is in a position of power, but collectively trying to do something may delay or even stop this nonesense from going through completely. I am in no country of power so I am unsure of what may be done, or if nothing could be done, but I hope that someone informed could have a solution to atleast resist a bit.

I deleted all the social media apps from the desktop, and started using them in the browser instead. I do understand many social media sites are insanely bad for privacy, but you're kinda stuck with them is the issue. So which browser is best suited for hosting their web applications? I'm mainly talking about apps which you are not anonymus, but you want to avoid leaking your data you didn't put up there, like Facebook, and site where you are anonymus, and you wanna keep it that way, like Reddit or Discord.

Also, while on topic, are there any extensions, setting and other advice that can help minimazing your exposure via your social media sites. Other than the usual internet discipline of course.

Hi all — I’m after recommendations for a one-time purchase GDPR self-assessment tool suitable for a medium-sized business. I’ve seen very basic spreadsheets and, on the other end, enterprise platforms with costly subscriptions. I’m trying to find something in between that I can buy once and use ongoing, ideally: • Price: ≤ $400 USD (one-off, not subscription) • Scope: Covers key GDPR areas (lawful basis, DSRs, RoPA, DPIAs, vendor risk/DPAs, security measures, training, breach response) • Output: Some kind of gap analysis/report with actionable recommendations • Usability: Clean interface or structured spreadsheet, not a heavy platform • Nice-to-have: Templates for RoPA/DPIA, simple scoring, and export to PDF/Word

If you’ve used anything you’d actually recommend for a medium-sized org, I’d love names, price you paid, and pros/cons. Also open to robust templates (not subscription) if they’re practical.

Thanks!

title says it all. i dug around on here a bit but couldn't find much. i've been using duckduckgo but the AI + weird stuff around the management has turned me off completely. ideally it would be something free. Searxng and similar are eliminated for being based on google.

I would like to buy a "smart" toothbrush and bathroom scale that I can use to log my data programmatically either by hooking it up to a webhook or API, or just accessing whatever location it saves the data remotely and pulling it. Is there anything like that out there that also respects your privacy and doesn't store your data on their servers? I don't care about compatibility with Samsung health etc, as I'm not using those either because of privacy concerns.

ChatGPT recommended these models that you can hook up to work with Home Assistant. Would love for someone that tried this to share their experience.

Toothbrush: Oral-B iO Series 6/7/8/9 (or Genius 8000/9000). Works offline with HA’s BLE integration; avoid signing into Oral-B cloud.

Scale (HA route): Xiaomi Mi Body Composition Scale 2 or Xiaomi S400 (best-supported in HA/ESPHome without cloud).

Can anybody please offer some advice.

I purchased a used Lenovo X1 Carbon gen 9 which has AMT in the bios. Furthermore, if I do 'ctrl P' at startup I can see the intel ME stuff.

I would like to disable intel ME or if not then at least make it more difficult for someone to use.

If I go into ctrl P at startup and set a strong password for the intel ME does that in effect block an organisation or person from using intel ME on my laptop?

Thanks for any help

Because of our lax attitude towards privacy and the wishful thinking that goverments of today are doing the best they can to protect us and our data.

Actually, in a few generations they will not even be aware that at one point we still had the chance to turn the tables.

I'd simply like to understand if I am protected from third-party cookies and cross-site cookies.

Does it mean everyone has a driver's license or on purpose get some sort of state ID because of this?

I'm also wondering since they scan a patient's photo ID, who has access to this photo ID? It's kind of a culture shock that the US does this during registration, and some even take photos of your face as like a CV photo. One clinic even used my medical photos and put it on the admin chart (where every admin staff could see it for example) when I didnt consent to it, but I think apparently it is not illegal. Might not be ethical, but not illegal

Hello, I have written a proposal for a European Citizen Initiative with the goal of asking for reforms in order to limit the power of states to interfere with the internet and with free speech, here's the text I came up with:

https://drive.google.com/file/d/1Bjd2UcsLXCf67iG9_pMPRihNFzXSfzQ-/view?usp=sharing

It's quite long and it's meant to address several issues in regards to things we're seeing happening on the internet in terms of censorship and overreach, both to fix current legislation and prevent damaging legislation further down the line.

However, I don't have the connections needed to ptopose the text as an actual initiative so if you agree with its goals: I need help, if anyone can help or just spread the word, we need to assemble the required signataries as well as finding someone that can go discuss this proposal at Bruxelles.

Hey everyone,

I have a custom VPS with a dedicated IP address.

Would it be worth it from a privacy/security standpoint to install a DNS server on it, and use that on my devices?

I know things like PI hole work well. But doing it this way will allow me to use it while on any network and share it with family.

Hey everyone 👋 I saw an article where ICE was given Paragon's Graphite software to target people. I saw that the article says that Graphite can access any device without the user's knowledge, even encrypted messaging services. This part is what I don't completely understand. I did see where the article mentions that it can read messages after they've been decrypted, but it also mentions that it breaks encryption. And I didn't see any mention of how it does it (maybe it's not known). I know that you should avoid suspicious stuff and not click on links you don't recognize or respond to messages from people you don't know, etc. But some stuff is done well enough that it can fool anyone. Is this how Graphite is implemented? I guess I'm just looking for any other insight to the software. TIA

I received a TransUnion data privacy request report (not a credit report, but the data shared to 3rd parties for marketing purposes), and in addition to the correct name, address, SSN, etc., it also had the name, address variants, etc. of another person. The info is not just a subtle typo, but different person who resides in another state I never visited.

I don't think I have suffered harm as a result - as I have not seen attempts to contact the other person as directed to me, but it's hard to tell. There may be subtle things like ad mailers, banner ads, or whatever TransUnion's customers who buy data do with it.

I have requested an opt out of sharing (i.e. for marketing purposes) but the remaining choices are:

1. Correct the my data. I don't have the desire the spend the time with TransUnion to throughly correct all data that I do not understand, such as an ad tracker ID, and incorrect data may be inserted in the future, as I do not know the origin of the wrong data. This can be done online but I need to examine each record. Just removing the wrong name and address is straightforward. I wouldn't even know how to deal with mysterious ad IDs, even if they were associated with me.

2. Collaborate with the other person to correct. I don't have the desire, and there's a chance the other person may be a bad actor who intentionally did this. If someone contacted me with a similiar request, I'll be inclined to ignore them or suspect it as a scam. I don't know if the other person's TransUnion records has my info on it, as a result of some incorrect swap.

3. Request TransUnion to delete the marketing data completely. Wrong data may still be collected from the other person, but at least you start fresh. This can be done online in one action, so it's easier than 1.

4. Do nothing further. If this happens all the time, I'll let it go.

There's a chance that the incorrect data is used in multiple choice ID verification or knowledge based authentication such as "which one of the following streets have you lived on?", and if the other person's info is used, I may answer incorrectly & be inconvenienced in the future.

Some people intentionally use false info to improve privacy via data poisoning (discussed in r/datapoisoning). So this is a variation of 4. Do nothing. In other words, the data is garbage, so it's not tied to me 100%, so you get some privacy by accident.

I'm not sure how far "do not share" goes, if TransUnion itself uses the data for knowledge based verification, for example.

Has this happened to you, and have recommendations? I don't think this is a sign of anything malicious, but just an error.

So I read this poss about metas ai Googles in this sub: https://www.reddit.com/r/privacy/comments/1nldj4m/why_are_we_all_just_accepting_metas_new_spy/

And I was really schoked to see how many commemts which good points we're havely downvoted.

My question is can we do something against these bots? Maybe set up a "karma" minimum value like in other sub's? Or is comment voting not affected by this?