IEEE Cipher --- Items from security-related news (E152)
Summary:
A Google employee revealed that the company's Nightingale project is
using AI to analyze personal health records for a major health care
provider (Ascension). The employee raised concerns about the privacy
of the patients because the data is not de-identified and the patients
did not have a chance to opt out of the process. Google engineers
have, in some cases, directly accessed personal records.
Summary:
This opinion piece asks if Google's privacy policies will become as
scorned as Facebook's policies were in the wake of the Cambridge
Analytica scandal. The Nightingale project has been criticized by
a whistleblower.
Summary: Even before project Nightingale was revealed, consumer advocates expressed concern about the amount of personal data being amassed by Google. The company's plans to acquire Fitbit accentuated those concerns, and at least one antitrust official at the Department of Justice discussed the possibility of such data becoming a factor in merger approvals. Google insists that there is not a problem and that the Fitbit data won't be used for targeted advertising, but Google's record on such promises is not clean.
The article notes that Google and Ascension say that their project is permitted under the HIPAA regulations because Ascension is developing personalized health care management for its members and is not selling the data to third parties.
Privacy, consumer groups seek to block Google-Fitbit deal, citing antitrust and privacy concerns
Summary:
This request to block the merger of Google and Fitbit asks
that the FTC use its authority under the Celler-Kefauver Act to avoid
a future where Google is "at the center of all services".
Summary:
Facebook's third-party app developers weren't supposed to get
information about group memberships for users who had not opted in to
such disclosures, but there was a glitch. In fact, developers in many
cases were able to access member profiles without restrictions.
"... as part of an ongoing review of the ways people can use Facebook
to share data with outside companies, we recently found that some apps
retained access to group member information for longer than we
intended," a Facebook spokesperson told Threatpost. Some observers
applaud Facebook's identification of the problem and its plans to fix
it, but others feel the company was sloppy in not finding and fixing
the problems a year ago.
Summary:
A surprising linkage between light and sound was discovered by
researchers looking at how lasers affect mobile device microphones.
The laser beam can cause the microphone to vibrate, and by careful
manipulation of the light, the microphone will react as though it
were detecting a human voice.
Summary: Though data breaches are all too common, almost too common to note, having over 100 million credit card applications disclosed to an outside party is still something to perk up the ears of any security professional. Capital One detected the breach in mid-July and notified the FBI. The perpetrator was apprehended and Capital One is trying to help affected customers monitor their credit data.
Capital One replaces security chief after data breach
Summary: The CISO of Capital One was shunted aside after the data breach in July, and the CIO of the commercial banking division replaced him. The FBI took a Seattle resident into custody. This person was a former Amazon Web Services employee and may have hacked into data for other companies.
Summary:
Nautilus Hyosung America, Inc. is the largest provider of ATMs in the US, and security flaws in their products were discovered by Red Balloon Security. Although the two flaws required access to the local network of the ATM, they laid the machines bare to simple attacks. Nautilus says no exploits occurred.