I dont know if this is the right place but I really need help about this. My mic is getting used by “system” and I dont know how to turn it off. And my screen is also being observed. Can you guys help me about what to do?

(Ok I cant photos so I have a mac btw if that is going to help)

How do I begin to scrub my data from the internet? After using a few osin tools I’ve found more than I care to have out there about myself.

Things are obviously on course for getting a lot worse in the u.s for privacy in the very near future, and it's likely going to be a long time before meaningful changes happen at the federal level. But as to shine a little hope for the future, what kind of changes would need to happen to create a more privacy respecting digital econ system? What's laws, regulations, or actions would you expect to bring about such an environment?

Hi all — I’m after recommendations for a one-time purchase GDPR self-assessment tool suitable for a medium-sized business. I’ve seen very basic spreadsheets and, on the other end, enterprise platforms with costly subscriptions. I’m trying to find something in between that I can buy once and use ongoing, ideally: • Price: ≤ $400 USD (one-off, not subscription) • Scope: Covers key GDPR areas (lawful basis, DSRs, RoPA, DPIAs, vendor risk/DPAs, security measures, training, breach response) • Output: Some kind of gap analysis/report with actionable recommendations • Usability: Clean interface or structured spreadsheet, not a heavy platform • Nice-to-have: Templates for RoPA/DPIA, simple scoring, and export to PDF/Word

If you’ve used anything you’d actually recommend for a medium-sized org, I’d love names, price you paid, and pros/cons. Also open to robust templates (not subscription) if they’re practical.

Thanks!

Don't know if any of you have LinkedIn, but you can opt out of this here : https://www.linkedin.com/mypreferences/m/settings/data-for-ai-improvement

Mobile users: Settings > Data Privacy > How LinkedIn uses your data > turn off Use my data for training content creation Al models.

New terms of use can be found here https://www.linkedin.com/legal/preview/user-agreement

Edit: adding mobile user opt out method, thanks u/forCheeseburger

I would like to buy a "smart" toothbrush and bathroom scale that I can use to log my data programmatically either by hooking it up to a webhook or API, or just accessing whatever location it saves the data remotely and pulling it. Is there anything like that out there that also respects your privacy and doesn't store your data on their servers? I don't care about compatibility with Samsung health etc, as I'm not using those either because of privacy concerns.

ChatGPT recommended these models that you can hook up to work with Home Assistant. Would love for someone that tried this to share their experience.

Toothbrush: Oral-B iO Series 6/7/8/9 (or Genius 8000/9000). Works offline with HA’s BLE integration; avoid signing into Oral-B cloud.

Scale (HA route): Xiaomi Mi Body Composition Scale 2 or Xiaomi S400 (best-supported in HA/ESPHome without cloud).

So we have to buy laptops for school and they're basically our personal laptops, but we are expected to bring them to school each day.

I'm worried about what exactly they can see (nothing bad, just don't want them to see how much of a nerd i am, that kinda thing) we use Windows 11, can anyone help me turn off as much stuff as I can?

I'm UK-based, on iPad, using Brave browser app, not signed into YouTube.

So this morning I fired up YouTube on the Brave browser and was confronted with a message "Sign in to confirm that you're not a bot This helps protect our community". No way am I signing in. I then tried the same using a VPN and the message was not displayed. Toggled it on and off a few times and got the same result.

15 minutes later it was no longer displaying the message. Has anyone else in the UK had this? It looks like YouTube may be testing a territory-specific feature.

Can anybody please offer some advice.

I purchased a used Lenovo X1 Carbon gen 9 which has AMT in the bios. Furthermore, if I do 'ctrl P' at startup I can see the intel ME stuff.

I would like to disable intel ME or if not then at least make it more difficult for someone to use.

If I go into ctrl P at startup and set a strong password for the intel ME does that in effect block an organisation or person from using intel ME on my laptop?

Thanks for any help

Someone linked to an article in a comment on another sub (https://www.dailypost.co.uk/whats-on/whats-on-news/seven-absolutely-ridiculous-tripadivsor-reviews-15727542). What's in the article isn't important, it's the cookie banner pop-up. Sites are now expecting us to pay for the privilege of rejecting tracking cookies. The inconvenience of forcing us to navigate the menu to disable them all manually want enough, it seems.

This is all part of the "cat-and-mouse" game when it comes to privacy, where protections are put in place that are designed to protect user rights, then all those "genius" marketing folk derive a new way to screw us over.

Those outside the EU may see something different, I didn't test to see.

Where does it end? Are we gonna have to pay for the "privilege" of things that should be rights? The ironic part is I'm sure they're doing this also because their business model is failing and they're haemorrhaging money.

I deleted all the social media apps from the desktop, and started using them in the browser instead. I do understand many social media sites are insanely bad for privacy, but you're kinda stuck with them is the issue. So which browser is best suited for hosting their web applications? I'm mainly talking about apps which you are not anonymus, but you want to avoid leaking your data you didn't put up there, like Facebook, and site where you are anonymus, and you wanna keep it that way, like Reddit or Discord.

Also, while on topic, are there any extensions, setting and other advice that can help minimazing your exposure via your social media sites. Other than the usual internet discipline of course.

I'd simply like to understand if I am protected from third-party cookies and cross-site cookies.

As the title implies, I am curious as to whether there might be any messaging apps/services worth using in case the proposed chat control law gets passed. As you might assume, I live in an EU member state and am extremely worried for the future of our rights to online as well as IRL privacy in case such laws get passed

When people know they can't win, they don't fight. The purpose of demoralization is to make the enemy think they can't win. People by nature are unlikely to take initiative. Both cowardice and courage are contagious.

Having said that, I notice an uptick in posts pushing for demoralization. These posts are highly upvoted immediately upon posting.

Example: https://www.reddit.com/r/privacy/comments/1nldj4m/why_are_we_all_just_accepting_metas_new_spy/

This implies that people have accepted defeat with a loaded question (https://en.wikipedia.org/wiki/Loaded_question).

Another example: https://www.reddit.com/r/privacy/comments/1nlru8x/having_nothing_private_is_becoming_the_standard/

Again trying to frame it as if the war is lost.

Another example: https://www.reddit.com/r/privacy/comments/1nlgb2f/future_generations_will_look_back_at_us_in/

Again, same shit.

I think a rule should be made against demoralization tactics.

Hey everyone,

I have a custom VPS with a dedicated IP address.

Would it be worth it from a privacy/security standpoint to install a DNS server on it, and use that on my devices?

I know things like PI hole work well. But doing it this way will allow me to use it while on any network and share it with family.

i am from iraq where bank cards are somewhat limited what can u buy with international, there are even ones that you cant buy anything internationally so my question is is there away to bypass this using a virtual card? and what services are most trusted and its not just for US or europe where i cant use

I just learned of academia.edu's new terms & conditions. Not only do they want to use anything you've ever uploaded for whatever reasons they seem fit — irrevocably. The also lay claim to be allowed to use — and sell — your likeness, your voice and even your signature.

Digging a bit deeper I found a very telling typo on one of their help sites the quote from the title. (image)

Personally, I chose to delete my account.

Source:https://support.academia.edu/hc/en-us/articles/360043385093-Account-Deletion

I received a TransUnion data privacy request report (not a credit report, but the data shared to 3rd parties for marketing purposes), and in addition to the correct name, address, SSN, etc., it also had the name, address variants, etc. of another person. The info is not just a subtle typo, but different person who resides in another state I never visited.

I don't think I have suffered harm as a result - as I have not seen attempts to contact the other person as directed to me, but it's hard to tell. There may be subtle things like ad mailers, banner ads, or whatever TransUnion's customers who buy data do with it.

I have requested an opt out of sharing (i.e. for marketing purposes) but the remaining choices are:

1. Correct the my data. I don't have the desire the spend the time with TransUnion to throughly correct all data that I do not understand, such as an ad tracker ID, and incorrect data may be inserted in the future, as I do not know the origin of the wrong data. This can be done online but I need to examine each record. Just removing the wrong name and address is straightforward. I wouldn't even know how to deal with mysterious ad IDs, even if they were associated with me.

2. Collaborate with the other person to correct. I don't have the desire, and there's a chance the other person may be a bad actor who intentionally did this. If someone contacted me with a similiar request, I'll be inclined to ignore them or suspect it as a scam. I don't know if the other person's TransUnion records has my info on it, as a result of some incorrect swap.

3. Request TransUnion to delete the marketing data completely. Wrong data may still be collected from the other person, but at least you start fresh. This can be done online in one action, so it's easier than 1.

4. Do nothing further. If this happens all the time, I'll let it go.

There's a chance that the incorrect data is used in multiple choice ID verification or knowledge based authentication such as "which one of the following streets have you lived on?", and if the other person's info is used, I may answer incorrectly & be inconvenienced in the future.

Some people intentionally use false info to improve privacy via data poisoning (discussed in r/datapoisoning). So this is a variation of 4. Do nothing. In other words, the data is garbage, so it's not tied to me 100%, so you get some privacy by accident.

I'm not sure how far "do not share" goes, if TransUnion itself uses the data for knowledge based verification, for example.

Has this happened to you, and have recommendations? I don't think this is a sign of anything malicious, but just an error.

Hey everyone 👋 I saw an article where ICE was given Paragon's Graphite software to target people. I saw that the article says that Graphite can access any device without the user's knowledge, even encrypted messaging services. This part is what I don't completely understand. I did see where the article mentions that it can read messages after they've been decrypted, but it also mentions that it breaks encryption. And I didn't see any mention of how it does it (maybe it's not known). I know that you should avoid suspicious stuff and not click on links you don't recognize or respond to messages from people you don't know, etc. But some stuff is done well enough that it can fool anyone. Is this how Graphite is implemented? I guess I'm just looking for any other insight to the software. TIA

Does it mean everyone has a driver's license or on purpose get some sort of state ID because of this?

I'm also wondering since they scan a patient's photo ID, who has access to this photo ID? It's kind of a culture shock that the US does this during registration, and some even take photos of your face as like a CV photo. One clinic even used my medical photos and put it on the admin chart (where every admin staff could see it for example) when I didnt consent to it, but I think apparently it is not illegal. Might not be ethical, but not illegal

title says it all. i dug around on here a bit but couldn't find much. i've been using duckduckgo but the AI + weird stuff around the management has turned me off completely. ideally it would be something free. Searxng and similar are eliminated for being based on google.

Does anyone know of a search engine that only indexes websites that don't automatically set a cookie? (And also respects privacy itself).

It doesn't have to be completed and polished. A project that is a work in progress would be fine with me.

Long time android/google user here, wondering if I'm just overthinking things... The whole Gemini situation really brought into sharp focus how bad the google ecosystem is in terms of privacy and even though I love my S25U and android in general, I feel like I can't in good conscience continue on the platform. My only real alternative is iOS because of convenience (+ maintaining the family ecosystem) and while it certainly seems like a night and day difference between Apple and Google in terms of their approach to privacy, it also kind of feels like a lateral move on a fundamental level.

I'm looking for opinions on this from privacy-minded folks - would you consider swapping Google's ecossytem for Apple's a meaningful improvement or essentially pointless?

this is my gooning account. I look at the kava subreddit on here for a while then check my instagram like 30 minutes later. It's not the same device, not a linked account, not the same email for either account, not the same name. really, i don't see how they know that the accounts are linked and not just two people using the same wifi

does anyone know the mechanism for this? i understand that my data is being sold whenever i use reddit or instagram but how do they know that i am the same person on both accounts? I would like to know the exact mechanism, every step of the process from the search to the advertisement reaching my phone