Key developments
Pentagon confirms adversary use of location data
WIRED reported that U.S. Central Command has confirmed receipt of multiple threat reports describing adversary exploitation of commercial location data to target or surveil U.S. personnel in theater. The article says the confirmation follows nearly a decade of warnings from Pentagon contractors, analysts, and lawmakers that brokered phone-location data can expose where troops sleep, work, and store sensitive assets, while Centcom only rolled out the ability to switch off location sharing on government smartphones this month.
Why it matters
It is the clearest official sign that commercial location-data markets can be weaponized against deployed forces, not just used for advertising.
Sources & driving stories
WIRED
WIRED coverageCalifornia sues 23andMe over 2023 breach
California Attorney General Rob Bonta filed suit in San Francisco Superior Court against Chrome Holding Co., the bankruptcy debtor name used by 23andMe, over a 2023 breach of genetic and personal data. The complaint says attackers used credential stuffing and a flaw in the DNA Relatives feature to reach ancestry, health, and other personal data tied to nearly 7 million people, including 855,541 Californians, and alleges the company downplayed the breach while stolen records were sold on the dark web.
Why it matters
The case puts state enforcement behind the privacy risks of consumer genetic data and could sharpen breach obligations for highly sensitive personal information.
Sources & driving stories
ENGADGET
Engadget coverageBLEEPINGCOMPUTER · Bill Toulas
BleepingComputer coverageCities cover and remove Flock cameras
CNET reported that Dayton, Ohio, and Evanston, Illinois, covered Flock Safety license-plate-reader cameras with trash bags after deciding to end their contracts, while Bend, Oregon canceled its deal outright. Dayton suspended its program and audited the system, and Evanston later ordered removal of 19 cameras after finding some had been reinstalled without apparent authorization, prompting a cease-and-desist letter.
Why it matters
The rollback shows local governments are increasingly willing to unwind AI surveillance deployments over privacy and oversight concerns.
Sources & driving stories
CNET · Tyler Lacoma
CNET coverageWorth noting
WORTH NOTING
Charter breach hits 4.9 million accounts
The telecom incident adds another large-scale disclosure of names, addresses, phone numbers, and email data after an extortion crew claimed access to Charter's Salesforce records.
WORTH NOTING
Boulder residents sue over Flock cameras
It shows privacy backlash against Flock is moving from city councils into litigation, with plaintiffs alleging warrantless vehicle tracking by fixed ALPR cameras.
WORTH NOTING
Vermont privacy bill passes legislature
Consumer advocates say the new bill advances baseline state privacy rights, but they argue its targeted-advertising and data-minimization rules remain too weak.
Still unclear
OPEN QUESTION
Will DoD adopt the recommended controls?
The WIRED report says disabling advertising IDs, restricting Chrome, and turning off location sharing were recommended years ago but only partially implemented.
OPEN QUESTION
Will California's 23andMe suit become a template?
The case could shape how regulators handle consumer DNA, ancestry, and health data in future enforcement actions.