Walmart’s Newly Patented Technology For Eavesdropping On Workers Presents Privacy Concerns

Walmart just won a patent for audio surveillance technology that measures workers’ performance, and could even listen to their conversations with customers at checkout. While there’s no guarantee that Walmart will ever build this technology, the patent shows the company is thinking about using tech not just to facilitate deliveries or make its warehouses more efficient, but also to manage its workforce, which is the largest in the United States.

Source: Walmart’s Newly Patented Technology For Eavesdropping On Workers Presents Privacy Concerns

Are there risks of using public clinical trial data under GDPR?

Given that clinical trial documents contain personally identifying health information about trial participants, it is necessary to anonymize these documents. While there are efforts among the agencies to harmonize their anonymization guidance and practices, they are governed by different privacy laws and are implementing quite a different anonymization methodology. This raises the question of what the risks would be to the users of these public clinical trial documents if the anonymization performed for a public data release was not adequate and the public documents still have a high risk of re-identification?

Read full article: Are there risks of using public clinical trial data under GDPR?

Post-GDPR, How Many Will Really Opt Out Of Personal Targeting?

If stricter opt-in dialogues brought by GDPR make mass opt-outs more likely, how might that affect the functioning of user ID or third-party data? Ultimately, we now live in an opt-in world, but the dust has yet to fully settle. When it does, the public’s love or hate of targeting may yet play a bigger role in ad tech’s future.

Read full article: Post-GDPR, How Many Will Really Opt Out Of Personal Targeting? | AdExchanger

How Fracking Companies Use Facebook Surveillance to Ban Protest

Oil and gas companies are discrediting activists using social media to justify banning their protests. Three companies are currently seeking injunctions against protesters: British chemical giant INEOS, which has the largest number of shale gas drilling licenses in the UK; and small UK outfits UK Oil and Gas (UKOG), and Europa Oil and Gas. Among the thousands of pages of documents submitted to British courts by these companies are hundreds of Facebook and Twitter posts from anti-fracking protesters and campaign groups.

Source: How Fracking Companies Use Facebook Surveillance to Ban Protest – Motherboard

Brazil’s Senate Passes General Data Protection Law

On July 10, 2018, Brazil’s Federal Senate approved a Data Protection Bill of Law. The bill, inspired by the EU General Data Protection Regulation, is expected to be sent to the Brazilian President in the coming days. The Bill will take effect 18 months after it is published in Brazil’s Federal Gazette.

Source: Brazil’s Senate Passes General Data Protection Law

Lack of access to personal data does not unmake a joint controller

The Court of Justice of the EU decided in Case C-210/16 Wirtschaftsakademie that Facebook and the administrator of a fan page created on Facebook are joint controllers under EU data protection law. That means shared responsibility (with Facebook) to comply with EU data protection law for the processing of personal data occurring through their Facebook Page.

Read full article: The CJEU decides lack of access to personal data does not unmake a joint controller: A look at Wirtschaftsakademie

A data breach may be more expensive than you think, thanks to these hidden costs

Data breach can cost $3.86 million, according to IBM report. The amount of time it takes to find a data breach, investments in technology that expedite response time, and lost or stolen records impact data breach costs severely. Response time is crucial – companies lost an average of $148 per lost or stolen record, which supports the need to find a breach quickly, continued the release.

Source: A data breach may be more expensive than you think, thanks to these hidden costs – TechRepublic

‘Legitimate interest’ may permit processing of ‘silent party data’ under PSD2

Businesses in the payment services market do not necessarily need the consent of ‘silent parties’ to process their personal data when providing payment initiation or account information services to their customers, the European Data Protection Board (EDPB) has said.

Source: ‘Legitimate interest’ may permit processing of ‘silent party data’ under PSD2

French website publisher fined for violation of the cookie requirements

The French Council of State affirmed the EUR 25,000 fine imposed by the CNIL on Editions Croque Futur (challenges.fr) for non-compliance with French data protection law, and in particular cookie requirements.

This decision is particularly interesting in that it clarifies that browser settings are not always a valid means of consent to cookies, while many cookies policies out there still refer to such browser settings as the only way to control cookies.

Source: FRANCE: Website publisher fined for violation of the cookie requirements

All corporate networks ‘highly vulnerable’ to attacks

Corporate Wi-Fi networks and employee mistakes make all corporate networks vulnerable to attacks from hackers, according to Positive Technologies. The report studied 2017 audits of 22 corporate systems belonging to companies across different industries, including IT, finance, retail, and transportation. Positive Technologies researchers were able to gain full control of infrastructure on every corporate networks they attempted to compromise. Only 7% of the systems studied were moderately difficult to access, the report found.

Source: 100% of corporate networks ‘highly vulnerable’ to attacks, here’s how to secure yours – TechRepublic

>