Download free GDPR compliance checklist!

Tag Archives for " data "

Greece Moves Ahead with Biometric Border Management System

Greece is planning to implement a biometric border management system that will record all crossings at ports, airports and border check points.

This means that all ports, airports and border check points in Greece will be equipped with biometric detection systems for facial recognition and fingerprinting.

Information on the movements of third country nationals within the Schengen Area will be collected and stored at Hellenic Police headquarters. Traveler data will be stored for five years and includes names, passport numbers, four fingerprints, and biometric photos

Source: GTP Headlines Greece Moves Ahead with Biometric Border Management System | GTP Headlines

‘Millions of people’s data is at risk’ — say Amazon insiders

Amazon is amassing an empire of data as the online retailer ventures into ever more areas of our lives. But the company’s efforts to protect the information it collects are inadequate, according to insiders who warn the company’s security shortfalls expose users’ information to potential breaches, theft and exploitation.

The warnings about privacy and compliance failures at Amazon come from three former high-level information security employees — one EU-based and two from the U.S. — who told they had repeatedly tried to alert senior leadership in the company’s Seattle HQ, only to be sidelined, dismissed or pushed out of the company in what they saw as professional retaliation.

Source: ‘Millions of people’s data is at risk’ — Amazon insiders sound alarm over security – POLITICO

Ranking Digital Rights flunks the tech giants

A new report on the human-rights policies of 26 tech and telecom firms around the world delivers a harsh verdict: From Alibaba to Vodafone, they all get an F.

The 2020 Ranking Digital Rights Corporate Accountability Index, as previewed in advance of its Wednesday posting, blames this collective failure to get “even close to earning a passing grade” on widespread opacity among these firms in how they analyze, promote, and demote the speech of their customers for marketing, advertising, and content-moderation purposes.

Source: Ranking Digital Rights flunks 26 tech firms and telcos

How to Use Clubhouse Without Giving Up Your Data

The buzzy social-networking app Clubhouse has been scrambling in recent weeks to respond to concerns from privacy and security experts about how the service collects and safeguards user data.

You don’t have to give Clubhouse access to every single contact in your phone to use the app, but doing so is the only way you can invite other users to Clubhouse. If you’ve already shared your contacts, the Clubhouse spokesperson says you can revoke access to the list using the settings app on your iPhone and contact Clubhouse support to delete all previous data.

But that doesn’t stop other users from uploading your phone number along with their contact lists—and that’s become a sore spot for people who don’t even use the app.

Clubhouse had turned on geofencing to limit users to servers in specific regions—excluding mainland China, for example. It also took steps to enable encryption that would limit Agora’s access to raw audio data. But Agora currently still has access to metadata, raw audio data, and the encryption keys.

However, security and privacy experts doesn’t recommend using Clubhouse for sensitive conversations, particularly if you’re concerned about information landing in the hands of the Chinese government.

Source: How to Use Clubhouse Without Giving Up Your Data – Consumer Reports

Russia to restrict processing of public data

Beginning March 1, 2021, Russia will impose restrictions on the processing of personal data publicly available on the internet and offline. The legislative changes are aimed at fighting the uncontrolled dissemination of personal information.

Under current law “On Personal Data” any data operator (the Russian equivalent of the term controller) may process personal data if the data subject made it publicly accessible or instructed another person to do so. There is no need to ground the processing on legitimate interests, the performance of a contract, data subject’s consent or other common lawful bases. When “Amendments to the Federal Law on Personal Data” No.519-ФЗ dated Dec. 30, 2020, goes into effect, this rule and the term publicly accessible data will disappear.

Source: Look but don’t touch — Russia to restrict processing of public data

Investigation Finds Facebook Did Little to Prevent Apps from Sharing Sensitive User Data

Governor Andrew M. Cuomo on February 18, 2021 accepted a New York State Department of Financial Services report detailing the findings of an investigation into the transmission of sensitive user data by application and website designers to Facebook.

Following a report by the Wall Street Journal, the Governor directed DFS to perform an investigation which found that app developers regularly sent Facebook sensitive data, including medical and personal data, derived from consumers’ usage of third-party websites and applications. The data was then shared with Facebook by app developers as part of Facebook’s free online data analytics services. Though such data-sharing violated Facebook policy, Facebook took few steps to enforce the policy or to block the flow of sensitive data prior to the state’s investigation.

Source: Press Release – February 18, 2021: Governor Cuomo Accepts Report from DFS on Facebook Investigation | Department of Financial Services

Facebook Starts Blocking Sensitive Medical Data Shared by Apps Over Privacy Concerns

Facebook has started blocking sensitive health information that third-party apps had been sharing with the social network in violation of its own rules, said New York officials who investigated the situation.

Data fed into a Facebook analytics tool by app makers included medical diagnoses and whether users were pregnant, according to a report shared by New York financial services department on Thursday.

“Facebook instructed app developers and websites not to share medical, financial, and other sensitive personal consumer data but took no steps to police this rule,” state financial services superintendent Linda Lacewell said in a release.

Source: Facebook Starts Blocking Sensitive Medical Data Shared by Apps Over Privacy Concerns | Technology News

European Commission Publishes Draft UK Data Transfer Adequacy Determination

On February 19, 2021, the European Commission published a draft data protection adequacy decision relating to the UK. If the draft decision is adopted, organizations in the EU will be able to continue to transfer personal data to organizations in the UK without restriction, and will not need to rely upon data transfer mechanisms, such as the EU Standard Contractual Clauses, to ensure an adequate level of protection.

Before the decision is formally adopted, the European Data Protection Board will issue a non-binding (although likely persuasive) opinion in relation to the decision. The European Parliament’s Committee on Civil Liberties also will issue a non-binding opinion in relation to the decision. The decision will be formally adopted after it has been approved by the EU Member States acting through the European Council.

Source: European Commission Publishes Draft UK Data Transfer Adequacy Determination | Privacy & Information Security Law Blog

Aiming to Cash In on Data, European Firms Grapple With Privacy Laws

Companies in Europe want to share the personal data of consumers with other firms or turn it into business applications without violating privacy rules, but there is no consensus on how to avoid revealing such potentially sensitive information.

Privacy restrictions in the European Union’s 2018 General Data Protection Regulation initially caused companies to reconsider whether they could cash in on personal data collected on consumers. Now, some companies are finding ways to avoid revealing that data, including consumers’ identities.

Full article: Aiming to Cash In on Data, European Firms Grapple With Privacy Laws

Swedish Police unlawfully used facial recognition app, says Privacy Watchdog

Upon news in the media of the Swedish Police Authority using the application Clearview AI for facial recognition the Swedish Authority for Privacy Protection (IMY) initiated an investigation against the Police.

The investigation concludes that Cleaview AI has been used by the Police on a number of occasions. According to the Police a few employees have used the application without any prior authorisation.

IMY imposed an administrative fine of SEK 2,500,000 (approximately EUR 250,000) on the Police Authority for infringements of the Criminal Data Act. IMY also ordered the Police to conduct further training and education of its employees in order to avoid any future processing of personal data in breach of data protection rules and regulations.

Source: Police unlawfully used facial recognition app – Integritetsskyddsmyndigheten

1 2 3 154