fbpx

Irish regulator reaches preliminary decision in Twitter privacy probe

Twitter may be the first big technology firm to face a fine by the EU’s lead regulator under the region’s tougher data protection rules after it submitted a preliminary decision in a probe into the social media firm to other member states.

The Twitter ruling relates to a 2019 probe into a bug in its Android app, where some users’ protected tweets were made public. Twitter is the subject of two of the 20 other inquiries the DPC had open into big tech firms at the end of 2019.

The DPC is not commenting on the substance of the preliminary Twitter decision at this point, Deputy Commissioner Graham Doyle told Reuters.

Source: Irish regulator reaches preliminary decision in Twitter privacy probe – EURACTIV.com

Equifax agrees to spend over $30 million to settle claims over 2017 data breach

Equifax has agreed to a proposed class action settlement with financial institutions over its 2017 data breach that affected roughly 147 million people in the U.S.

The company will pay up to $5.5 million for class members and commit to spending at least $25 million on data security measures over a two-year period under the proposed deal, according to the unopposed motion for preliminary approval of the settlement.

Source: IN BRIEF: Equifax agrees to settle financial institutions’ claims over 2017 data breach – Reuters

Two Bills Introduced to Restrict Microtargeting of Political Ads

Members of Congress have introduced two bills to restrict the microtargeting of online political advertisements.

The Banning Microtargeted Political Ads Act, sponsored by Rep. Anna Eshoo (CA-18), would prohibit online platforms from targeting ads at users on the basis of their personal data. The Protecting Democracy from Disinformation Act would restrict microtargeting of political ads based on demographic characteristics and personal data collected online.

Source: Two Bills Introduced to Restrict Microtargeting of Political Ads

EasyJet faces £18 billion class-action lawsuit over data breach

UK budget airline easyJet is facing an £18 billion class-action lawsuit filed on behalf of customers impacted by a recently-disclosed data breach.

The lawsuit has been filed in the High Court of London on behalf of customers. According to the firm, easyJet’s data breach took place in January 2020, and while the ICO was apparently notified at this time, customers were not informed until four months later. The lawsuit aims to secure up to £2,000 per impacted customer.

Source: EasyJet faces £18 billion class-action lawsuit over data breach | ZDNet

EU privacy regulators investigate Apple’s handling of Siri snippets again

Apple is facing fresh questions from its lead data protection regulator in Europe following a public complaint by a former contractor who revealed last year that workers doing quality grading for Siri were routinely overhearing sensitive user data.

Responding to the latest Apple complaint from le Bonniec, the DPC’s deputy commissioner, Graham Doyle, told TechCrunch: “The DPC engaged with Apple on this issue when it first arose last summer and Apple has since made some changes. However, we have followed up again with Apple following the release of this public statement and await responses.”

Source: Apple’s handling of Siri snippets back in the frame after letter of complaint to EU privacy regulators | TechCrunch

California Privacy Compliance Obligations May Soon Change Under CPRA Ballot Initiative

The California Privacy Rights Act (CPRA) is progressing through California’s elections process for inclusion on the November 2020 ballot. Businesses may want to begin considering how their data privacy obligations in California may change if voters enact CPRA.

The CPRA is a ballot measure created by Californians for Consumer Privacy. It would significantly amend the CCPA. Substantive provisions of the CPRA would become effective on January 1, 2023.

Source: California Privacy Compliance Obligations May Soon Change Under CPRA Ballot Initiative

UK is lowering privacy standards, says EU officials

In his remarks following Round 3 of negotiations for a new partnership between the European Union and the United Kingdom Michel Barnier has pointed out that United Kingdom insists on lowering current standards and deviating from agreed mechanisms of data protection – “to the point that it is even asking the Union to ignore its own law and the jurisprudence of the European Court of Justice on passenger data (“PNR rules”)”.

Michel Barnier also notet that “The UK refuses to commit, in an agreement with us, to guarantees protecting fundamental rights and individual freedoms resulting from the European Convention on Human Rights, as agreed in the Political Declaration”.

Source: Remarks by Michel Barnier following Round 3 of negotiations for a new partnership between the European Union and the United Kingdom

HSE will no longer tell employers workers’ test results

The Health Service Executive has said it is to suspend the practice of informing employers of Covid-19 test results and is to seek guidance from the Data Protection Commissioner (DPC).

In some cases, the results were sent to employers who informed workers before the HSE. The DPC has said this is not legitimate.

In view of the concerns raised by some employees in relation to this issue, the HSE will reconsider the use of exceptions and has suspended the practice while it seeks guidance from the Data Protection Commissioner.

Source: HSE will no longer tell employers workers’ test results

Latvia to be one of first to use Apple and Google software for coronavirus contact-tracing apps

Latvia will be one of the first countries to use the software tool developed by US tech companies Apple and Google enabling nations to release coronavirus contact-tracing apps, representatives of the companies informed LETA.

The software tool will enable the development of mobile apps using a decentralized approach, which involves saving and analyzing the data of close-distance contacts in the user’s mobile devise. Apple and Google have granted access to their new software to 22 countries, including Latvia where a group of IT companies are working on the app Apturi COVID (Stop COVID). Latvia will thus become one of the first countries to use the new tool for combating the spread of the new coronavirus.

Source: Latvia to be one of first to use Apple and Google software for coronavirus contact-tracing apps :: The Baltic Course | Baltic States news & analytics

As the GDPR turns 2, Big Tech should watch out for big sanctions

Get ready to see the EU’s landmark privacy regulation flex its muscles as it prepares for a fight.

The GDPR’s quiet first two years give a false impression of the impact the law has had on the global stage. The legislation has raised the EU’s profile among regulators and lawmakers around the world and inspired similar regulations in Brazil and India, as well as in California, home to many of the tech giants. Tech companies have had to change their privacy policies and disclosures not only in Europe but around the world, since it doesn’t make sense to observe two sets of privacy standards.

And industry watchers say more moves are coming. The regulators are just taking the time to make sure these sanctions stick.

Source: As the GDPR turns 2, Big Tech should watch out for big sanctions – CNET

1 2 3 467
>