The FBI Wants 'Near Real-Time' Access to US License Plate Readers

Original link: https://www.wired.com/story/security-news-this-week-fbi-license-plate-reader-real-time-access/

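This week's news focuses on major developments in privacy, security, and law-enforcement technology. Key updates include the enactment of the Take It Down Act, which is intended to help victims remove nonconsensual intimate images; in addition, the crackdown on data brokers' manipulative opt-out processes is intensifying. Meanwhile, the US Federal Trade Commission (FTC) reached a settlement with several marketing firms over ineffective "Active Listening" advertising technology. In surveillance, controversy continues: although some lawmakers are trying to restrict use of the technology, the Federal Bureau of Investigation (FBI) is seeking millions of dollars in funding to obtain nationwide real-time automatic license plate reader (ALPR) data. In cybersecurity, GitHub was attacked by the TeamPCP group, and Google accidentally leaked a major unpatched Chromium vulnerability that allows attackers to hijack browsers for persistent surveillance or botnet activity. Other notable news includes an investigation into a former police officer who provides firearms training to US Immigration and Customs Enforcement (ICE), a legal dispute between a police officer and Madison Square Garden, and European countries seeking "US-free" technology alternatives. In addition, the entanglement between the Trump administration and Silicon Valley continues to affect global technology policy.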

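A recent Hacker News discussion raised concerns about the Federal Bureau of Investigation (FBI) seeking "near real-time" data from domestic license plate reader systems. Commenters argued that the expansion of physical surveillance is creating a "total surveillance state" that undermines personal privacy. Although some participants initially doubted whether local officials have the power to block federal initiatives, others countered that local and state governments hold enormous influence. Advocates of local resistance argued that mayors and state senators can effectively obstruct surveillance by cancelling vendor contracts, refusing to cooperate, and establishing "sanctuary" policies similar to those of the Chicago school district toward US Immigration and Customs Enforcement (ICE). Users also pointed out that, compared with walking, dependence on cars (which themselves act as tracking beacons) weakens civil liberties. The consensus of the discussion emphasized that taking part in "grassroots" local politics is a viable and efficient strategy for resisting federal overreach, because collective local refusal to cooperate can create many obstacles for federal agencies.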
Original text

A WIRED investigation this week found that a former Phoenix police officer who owns a company that offers firearms training to Immigration and Customs Enforcement was involved in six shootings, four of which were deadly. Meanwhile, a New York police officer’s lawyer has been banned from Madison Square Garden amid a lawsuit the cop filed over injuries sustained during a boxing match at an MSG venue.

The Take It Down Act went into effect in the United States this week, allowing people to demand that websites and other platforms remove their nonconsensual nudes. WIRED reached out to more than a dozen companies to give you a rundown on how to take action. If you’re trying to opt out of having your data collected by data brokers and other companies, however, the process might not be so simple. New research claims that many major companies used manipulative tactics to keep people from opting out.

The Federal Trade Commission this week announced a settlement with three marketing firms—not because they sold “Active Listening” technology for serving targeted advertising, but because the technology allegedly did not work.

A bipartisan pair of US lawmakers this week took an initial stab at cracking down on automatic license plate readers, or ALPRs. Their legislation would have effectively prevented state and local governments from using the surveillance tech for police tracking.

GitHub, the popular Microsoft-owned code repository, suffered a data breach this week. The attack is part of a never-before-seen string of similar breaches carried out by the cybercrime group TeamPCP.

Finally, as the Trump administration and US tech companies have grown increasingly intertwined, European nations are looking for US-free alternatives, with France leading the charge.

And that’s not all. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.

While US lawmakers stealthily proposed to prohibit the use of automated license plate readers across the country this week, it has also been revealed that the Federal Bureau of Investigation is planning to buy nationwide access to the cameras and access “near real time” data about vehicle movements.

First reported by 404 Media, recently published procurement records for the FBI Directorate of Intelligence show the agency gearing up to pay millions for access to data captured by roadside ALPR cameras. These cameras take images of every passing vehicle, adding the license plate, location, time, and date to searchable databases that are often accessed by local law enforcement agencies and some federal agencies.

“The FBI has a crucial need for accessible LPRs to provide a diverse and reliable range of collections across the United States,” a statement of work says. “This data should be available across major highways and in an array of locations for maximum usefulness to law enforcement.” Further documents said the access to data must be provided in “near real time.”

Google this week made public a working proof-of-concept for an unfixed vulnerability in Chromium, the open source codebase underpinning Chrome, Microsoft Edge, Brave, Opera, Vivaldi, and Arc, reported Ars Technica. The flaw was originally reported to the company 42 months ago by independent researcher Lyra Rebane, who initially assumed Wednesday's posting to the project's bug tracker meant a patch had finally shipped. It hadn't. Google pulled the disclosure after the error became apparent, but the exploit code is already mirrored on archival sites.

The bug abuses the Browser Fetch API, a feature meant to handle large background downloads, allowing any website a target visits to spin up a persistent service worker on the device. The resulting connection can be used to monitor browsing activity, route traffic through the victim's machine, or pull the device into a proxied DDoS network—connections that survive browser restarts and, in some cases, reboots. On Edge, telltale signs are minimal. Chrome users may see an unexplained downloads dropdown.
