Yango Hit With €100 Million GDPR Fine for Sending User Data to Russia
Dutch regulators fined taxi app Yango €100M after finding encryption and contracts couldn't protect EU user data from Russian government access.
Read more →News
Resources
Stay informed with the latest news, guides, and resources about privacy and digital sovereignty.
News
Hackers Stole Fingerprints, Medical Records, and SSNs of 1.8 Million NYC Hospital Patients
NYC Health + Hospitals breach exposed biometric data, diagnoses, and government IDs. Unlike passwords, stolen fingerprints can never be reset.
Read more →News
Canada's Bill C-22 Would Force Every Digital Service to Log Who You Talk To for a Year
Canada's Lawful Access Act mandates metadata retention, threatens encryption, and has Signal, ProtonVPN, and Windscribe ready to leave the country.
Read more →News
The Supreme Court Is Deciding Whether Police Can Track Every Phone Near a Crime Scene
In Chatrie v. United States, the Court will rule on geofence warrants — digital dragnets that sweep up everyone's location data. The decision could reshape digital privacy.
Read more →News
London Police Made 700,000 Requests for Your Private Communications Data Last Year
FOI data reveals the Met sought comms metadata from tech firms, delivery apps, and even Proton — while targeting journalists 157 times.
Read more →News
A US Bank Fed Customer Social Security Numbers to an Unauthorized AI App
Community Bank disclosed that customer names, dates of birth, and SSNs were sent to an unknown AI tool. The bank won't say which one or how many people were affected.
Read more →News
Verizon's 2026 Breach Report: Software Flaws Now the #1 Way Hackers Get In
The DBIR finds vulnerability exploitation has overtaken stolen passwords for the first time in 19 years. Shadow AI and third-party risk are surging.
Read more →News
Canvas Breach Exposes 275 Million Student Records — Then Instructure Paid the Ransom
Hackers stole 3.65 terabytes of student data from the platform used by 41% of US colleges. Instructure paid up, but there's no proof the data was destroyed.
Read more →News
Rituals Cosmetics Breach Exposes Millions of Loyalty Members as Dutch Data Crisis Deepens
Amsterdam-based Rituals confirms hackers stole names, addresses, and birthdates from its 41-million-member database. It's the fourth major Dutch breach in three months.
Read more →News
AI Coding Platform Lovable Exposed Source Code, Database Credentials, and Chat Histories for 48 Days
A basic API flaw in Lovable let any free account access other users' source code, database passwords, and AI conversations. The company denied it, then blamed everyone else.
Read more →News
A Roblox Cheat Script Led to the Vercel Breach — and Exposed Customer Secrets
An AI startup employee downloaded game cheats laced with malware. Days later, attackers had access to Vercel's internal systems and customer credentials.
Read more →News
GDPR Only Works Where Regulators Actually Enforce It, New Study Confirms
A 10-country tracking study shows privacy laws cut surveillance by 50% in Germany and Spain — but do almost nothing where regulators stay passive.
Read more →News
The EU Is Quietly Dismantling Its Own Privacy Laws — and Big Tech Wrote the Playbook
The EU's Digital Omnibus rewrites GDPR, the AI Act, and ePrivacy rules to let companies train AI on your data without consent and dodge transparency requirements.
Read more →News
Congress Wants One National Privacy Law — But It Would Kill Stronger State Protections
The SECURE Data Act would give Americans basic data rights while gutting the state privacy laws that already go further. Here's what's at stake.
Read more →News
Congress Punts on Mass Surveillance — You Have 10 Days to Push for a Warrant Requirement
A bipartisan revolt blocked a clean renewal of Section 702, the law that lets the FBI read your messages without a warrant. The clock runs out April 30.
Read more →News
Adobe's Outsourced Support Let a Hacker Export 13 Million Tickets in One Request
A phishing attack on an Indian BPO firm gave a threat actor admin access to Adobe's helpdesk. 13 million tickets, 15,000 employee records, and HackerOne bug reports walked out.
Read more →News
One Compromised Vendor Login Exposed 6.8 Million Crunchyroll Users' Data
A malware-infected outsourcing employee gave hackers access to Crunchyroll's entire support system. 100GB of user data walked out the door.
Read more →News
OkCupid Gave 3 Million Users' Photos to a Facial Recognition Company — and Hid It for 12 Years
The FTC settled with Match Group after OkCupid secretly shared user photos, location, and demographics with AI firm Clarifai. No fine was issued.
Read more →News
Immigration Software Breach Exposes 116,000 People's Most Sensitive Data — Disclosure Took Six Months
DocketWise, used by thousands of US immigration law firms, leaked SSNs, passports, and medical records. Victims weren't told for half a year.
Read more →News
LinkedIn Is Secretly Scanning Your Browser Extensions — All 6,000 of Them
An investigation reveals LinkedIn injects hidden code that probes for 6,167 browser extensions and fingerprints your device without consent.
Read more →News
Perplexity AI Secretly Sent Your Private Chats to Google and Meta for Ad Targeting
A 135-page class action lawsuit alleges Perplexity embedded Meta Pixel and Google ad trackers that funneled user conversations — even in 'incognito mode' — to Big Tech.
Read more →News
Italian Spyware Firm Built a Fake WhatsApp to Spy on 200 People — and Governments Paid for It
WhatsApp caught Italian firm SIO distributing a fake app loaded with government spyware. Italy's surveillance industry keeps growing.
Read more →News
Quantum Computers Could Break Your Encryption by 2029 — New Research Slashes the Timeline
Google and Oratomic research shows quantum computers may need far fewer qubits to crack encryption than previously thought, pushing Q-Day as close as 2029.
Read more →News
Meta Is Killing Instagram Encryption — Your DMs Won't Be Private After May 8
Meta will permanently remove end-to-end encryption from Instagram DMs on May 8, just 11 days before the Take It Down Act takes effect.
Read more →News
Government Requests for Your Data Have Surged 770% — and Section 702 Expires in Two Weeks
Proton research reveals Apple, Google, and Meta shared data from 3.5 million accounts with US authorities. With FISA Section 702 expiring April 20, Congress faces a choice.
Read more →News
Italy's Largest Bank Hit with €31.8 Million GDPR Fine After Employee Snooped on 3,500 Customers for Two Years
Intesa Sanpaolo fined for systemic data protection failures after a single employee accessed thousands of accounts undetected, including politicians and public figures.
Read more →News
Euro-Office Launches: Europe's Sovereign Office Suite Challenges Microsoft
A coalition of European tech companies launched Euro-Office, an open-source alternative to Microsoft 365 built for digital sovereignty.
Read more →News
European Commission Hit by Major AWS Breach — 350GB of Data Stolen
Hackers compromised the EU executive body's Amazon Web Services account, exposing databases and employee information. AWS claims no security event on their end.
Read more →News
Congress Has One Shot to Close the Data Broker Loophole Before FISA Expires
A bipartisan bill would ban warrantless government purchases of Americans' location data. Section 702 expires April 20.
Read more →News
Anthropic Wins: Court Blocks Pentagon's Retaliation Over AI Safety Guardrails
A federal judge has blocked the Pentagon's effort to brand Anthropic a national security risk, calling it unconstitutional punishment for refusing to remove AI safeguards.
Read more →News
Russian Hackers Targeting Signal and WhatsApp Accounts in Global Campaign
FBI, CISA, and European intelligence agencies warn of state-sponsored social engineering attacks bypassing encryption to hijack messaging accounts.
Read more →News
DOGE Employee Allegedly Walked Out With 500 Million Americans' Social Security Data on a Thumb Drive
A whistleblower claims a former DOGE software engineer retained access to two of the SSA's most sensitive databases and planned to share the data with his private employer.
Read more →News
Conduent Breach Exposes 25 Million Americans Who Never Knew the Company Had Their Data
A ransomware attack on government contractor Conduent has compromised personal data of over 25 million people who use Medicaid, child support, and other public services.
Read more →News
The Pentagon vs. Anthropic: What the AI Ultimatum Means for Your Privacy
Defense Secretary Hegseth has given Anthropic until Friday to drop AI safety guardrails or face severe consequences. The outcome will determine whether AI becomes a tool of mass surveillance — or whether any company can resist government pressure to weaponize artificial intelligence against civilians.
Read more →News
The Durov Prosecution: What the Case Against Telegram's Founder Means for Private Communications
Pavel Durov faces criminal charges in France and Russia for running Telegram. The precedent being set threatens every platform that prioritizes user privacy over state access.
Read more →News
Corporate Surveillance Scorecard: The Biggest Wins and Losses of 2025
From Apple's on-device scanning expansion to the EU forcing Meta to offer ad-free options, we track the year's most significant corporate surveillance battles.
Read more →News
Government Surveillance in 2026: The Expanding Dragnet and the Growing Resistance
From FISA Section 702 reauthorization to encrypted messaging bans, governments worldwide are pushing surveillance to new extremes. But the pushback is real.
Read more →News
Privacy Wins: 5 Encouraging Developments From Early 2026
Not all privacy news is doom and gloom. Here are five recent developments proving that the fight for digital privacy is being won on multiple fronts.
Read more →News
Launch Delayed to October 16th — We'll Only Deploy on Trusted Infrastructure
Our launch is delayed to October 16th due to hosting provider issues; we will only deploy on a reputable provider in a jurisdiction that respects privacy.
Read more →News
On Track for Launch: Our Open Source Private Cloud Solution
We're excited to announce that our Nextcloud-based private cloud solution on Swiss architecture is on schedule for October 13th, 2025 launch.
Read more →Guide
DataPurge: A Free Data Broker Opt-Out Tool Built by Our Founder
DataPurge is a free, open-source tool that generates legally-backed deletion requests to 700+ data brokers. Built in spare time by one of our founders. No accounts, no tracking — your data never leaves your browser.
Read more →Guide
The Self-Hosting Revolution: Why 2026 Is the Year to Take Back Your Data
Self-hosting has never been more accessible. From Nextcloud to Immich, here's why millions are ditching Big Tech cloud services and how you can join them.
Read more →Guide
Escape Big Tech: A Complete, No-Nonsense Guide to Replacing Every Google, Apple, and Microsoft Service
A practical, step-by-step guide to replacing every major Big Tech service with privacy-respecting alternatives. No lectures, just solutions.
Read more →Guide
The AI Privacy Dilemma: Your Data, Their Models, and How to Take Back Control
A comprehensive analysis of how AI companies use your data, comparing privacy policies of major platforms, and providing practical guidance on protecting your digital privacy in the age of artificial intelligence.
Read more →Guide
How to Choose a Privacy-Respecting Browser
A comprehensive guide to selecting browsers that protect your privacy, with recommendations organized by operating system.
Read more →Ready to Take Control?
Join us on our journey to a more private and secure digital future.