Dan upgraded to OS X Catalina last week, and he's starting to get a warning that Google will be able to read, delete and compose email in his account. Leo says that isn't from Google. He suspects that Dan may have an extension installed in Safari that's causing that, or that it could be a standard European GDPR warning message. But even if he approves it, he can revoke the permissions in settings. But first, look at extensions. Safari-Preferences-Extensions.
Nathan wants to know if there's any recourse if a company isn't protecting his passwords. Leo says in Europe they have the GDPR, but in the US the only real protection is through HIPPA in the medical field. Leo recommends talking to Brian Krebbs at Krebbs on Security and asking him how he should write a letter to warn them of their liability.
1. Facebook had a terrible year, starting with leaked information to Cambridge Analytica of up to 87 million users. It lost 19% value, up to $100 billion, the biggest loss in the history of the stock market. Mark Zuckerberg lost $40 billion personally. And there was congressional investivations. All told, Facebook had 21 scandals centered around privacy violations. It was as bad a year as Facebook could get.
2. Apple lost 20% of its value. It went from being the first trillion dollar company to no longer holding that title.
Joy was trying to post an article on Facebook and got a message that it was blocked according to the EU GDPR regulations. Leo says that Facebook may have thought she was in the EU and would fall under those rules. So Facebook blocked the article. But it may be that Facebook is blocking articles related from European sources. Some news agencies may be blocking EU IP addresses in order to skirt GDPR regulations.
Europe's new General Data Protection Regulation or GDPR has gone in effect, and it has some teeth as companies who fail to comply will face a fine of 4% of their annual income. Leo says that larger companies could face fines in the millions. Leo also says that companies have 72 hours to report all data breaches and give customers the right to have their data deleted upon request.