ID Leak Exposes 985K; Signal Threatens UK Exit; Canada Targets Teens

Over 985,000 Passport and ID Photos Left Unprotected on Public Internet

Security researcher Sammy Azdoufal discovered over 985,000 photo IDs, including passports and driver’s licenses, sitting unprotected at public URLs with no password or access control. The data originated from cannabis clubs in Spain, containing visitors’ phone numbers, addresses, and consumption habits. The database also included celebrities and roughly 30,000 visitors from the United States. Azdoufal used an automated tool to find the exposed documents, which he described as a severe security risk that could be exploited for identity theft and resale. The breach highlights the ongoing vulnerability of personal data stored by small businesses and clubs that fail to implement basic security measures. No word yet on whether the affected clubs have secured the data or notified authorities.

Nearly a million passports and photo IDs were left unprotected on the public internet →

Signal President Warns Company Will Leave UK If Forced to Weaken Encryption

Signal president Meredith Whittaker has reiterated that the encrypted messaging app would „absolutely, 100% walk” away from the UK market rather than comply with government demands to implement client-side scanning. The UK government under Prime Minister Keir Starmer is pushing for phone screening technologies under the Online Safety framework, ostensibly to protect children from harmful content. Client-side scanning would require devices to analyze messages before encryption, effectively turning every phone into a surveillance tool. Whittaker first warned about a potential UK exit in 2023 during debates over the Online Safety Bill, and the company’s position has not changed. Signal is operated by a nonprofit foundation, does not run ads, and does not harvest user data; encryption is its core product. The standoff underscores the broader conflict between government surveillance ambitions and the privacy rights of users.

Signal president warns of potential UK exit over surveillance concerns →

Connecticut Prosecutor Granted Diversion After Using Police Databases to Spy on Romantic Rival

Christa Baker, a senior assistant state’s attorney in New London, Connecticut, has been granted an accelerated rehabilitation program on two computer crime charges after she used restricted law enforcement databases to access information about her husband’s alleged romantic interest. Baker accessed eProsecutor and MAJEB systems multiple times to pull data on the victim. She also allegedly showed up outside the victim’s apartment complex in December 2024 and yelled at her. At her hearing, Baker told the court „Suffering causes people to make mistakes” and said the incident has destroyed her family. Her attorney argued she did not realize she was violating computer access laws. The stalking charges were dropped. Baker has been on administrative leave with pay since August 13. The case highlights the abuse of privileged access by law enforcement officials and the leniency often afforded to prosecutors who misuse their power.

‘Suffering Causes People To Make Mistakes,’ Says Prosecutor Who Used Cop Databases To Spy On Romantic Rival →

Canada Proposes Ban on Social Media for Under-16s and Regulation of AI Chatbots

Canada has introduced the Digital Safety Act, a bill that would bar children under 16 from social media and, uniquely, also regulate AI chatbots. Platforms can apply for an exemption if they prove they meet strong safety standards, pushing companies to redesign services rather than simply lock children out. The bill also targets engagement algorithms, autoplay, and endless scrolling that the government says amplifies harm. The chatbot focus follows a recent lawsuit against OpenAI by families affected by a mass shooting, alleging the company knew from the attacker’s ChatGPT conversations about his plans. Non-compliance could cost platforms up to 3% of global revenue or C$10 million. The bill is inspired by Australia’s ban but goes further by also regulating design and chatbots. However, enforcement remains a challenge; Australia found that about 70% of children kept accounts despite deactivations. Canada’s bill is expected to take at least a year to pass and another 18 months to set up a regulator.

Canada wants to ban under-16s from social media, and rein in AI chatbots too →

Acxiom’s Geo-Based Audience Segments Now Available on The Trade Desk in UK and Germany

Acxiom, the data and technology company owned by Omnicom, has launched its Geo-Based audience segments inside The Trade Desk’s third-party data marketplace for buyers in the UK and Germany. Announced on June 10, 2026, the integration allows advertisers to target consumers based on observed patterns at real-world locations, such as retail stores, healthcare facilities, and travel hubs. The underlying data comes from Acxiom’s InfoBase, which draws on verifiable consumer behavior rather than modeled interests. The geo-based audiences add a new layer of granularity for programmatic campaigns, enabling brands to reach consumers who frequent specific physical environments. This extends Acxiom’s existing relationship with The Trade Desk, where its broader InfoBase data was already accessible. The move reflects the growing demand for place-based targeting in digital advertising and raises privacy considerations as location-derived data becomes more widely available in programmatic marketplaces.

Acxiom’s geo-based audiences are now live on The Trade Desk in UK and Germany →