fbpx

Download free GDPR compliance checklist!

Tag Archives for " US "

Facebook Threatens to Leave Europe Due to Proposed New Data-Sharing Regulations

Facebook has hit back at a proposed new regulation which would limit the sharing of European user data with the US-based company.

Earlier this month, the European Union privacy regulator sent a preliminary order to Facebook which called for it to suspend data transfers about its EU users back to the US. That would essentially force Facebook to keep EU user data in Europe, and implement new restrictions on data-sharing between nations.

And now Facebook has issued an official response, saying that, if such rules are implemented, it may be forced to stop operating both Facebook and Instagram in Europe entirely.

Source: Facebook Threatens to Leave Europe Due to Proposed New Data-Sharing Regulations | Social Media Today

Homeland Security warns of a ‘critical’ security flaw in Windows servers

US Homeland Security has issued an emergency alert for a Windows security flaw, Zerologon, that allows attackers to compromise entire networks.

The flaw in the Netlogon Remote Protocol lets attackers with network access “completely compromise” Active Directory services on a network without using a sign-in —a hacker could run amok if they get through.

Source: Homeland Security warns of a ‘critical’ security flaw in Windows servers | Engadget

Republicans Introduce Privacy Bill That Would Override State Laws

Four Republican senators have introduced a privacy bill that would override state privacy laws, other than ones requiring notifications of data breaches.

The proposed law would require companies to obtain consumers’ affirmative consent before transferring their “sensitive” information — which the bill defines as including financial account numbers, persistent identifiers, precise geolocation data, and data revealing people’s race, ethnic origin, religion and sexual orientation.

The Setting an American Framework to Ensure Data Access, Transparency, and Accountability Act (SAFE DATA Act) would also require companies to allow consumers to access, edit and delete data about them.

Source: Republicans Introduce Privacy Bill That Would Override State Laws 09/21/2020

Data Privacy Increasingly a Focus of National Security Reviews

Oracle’s bid to partner with TikTok app may not be a standard-issue business deal, but it’s increasingly the sort of arrangement that undergoes a national security review.

Treasury Secretary Steven Mnuchin said Monday that the Oracle bid would be reviewed by the Committee on Foreign Investment in the U.S., a national security panel that is best known for reviewing outright foreign takeovers of U.S. companies.

The Oracle deal, by comparison, involves an arrangement with TikTok to move data on American users to Oracle’s cloud-computing infrastructure in the U.S. to prevent it from being shared with the Chinese government.

Source: Data Privacy Increasingly a Focus of National Security Reviews – WSJ

IoT Security Bill Passed in House of Representatives

The House of Representatives has passed a bill governing the security of the Internet of Things.

The “Internet of Things Cybersecurity Improvement Act of 2019” sets baseline cybersecurity standards for IoT devices purchased by the federal government.

The Senate Homeland Security Committee advanced a similar bill last year.

Source: EPIC – IoT Security Bill Passed in House of Representatives

IRS offers grants for software to trace privacy-focused cryptocurrency trades

Grants of up to $625,000 will be issued in exchange for cryptocurrency tracking technologies.

The US Internal Revenue Service (IRS) is soliciting proposals from contractors that believe they can develop technologies able to shatter the privacy surrounding cryptocurrency transactions.

Prototypes and suggested methods to trace cryptocurrency transactions should including tracking capabilities for law enforcement, predictive analytics, and should have as little reliance on vendor-specific technologies as possible.

Source: IRS offers grants for software to trace privacy-focused cryptocurrency trades | ZDNet

IBM pushes for US to limit facial recognition system exports

IBM has called for the US Department of Commerce to limit the export of facial recognition systems, particularly to countries that could potentially use it for mass surveillance, racial profiling, or other human rights violations.

In a letter [PDF] to the Commerce Department, IBM highlighted the need for tighter export controls for facial recognition technologies that employ for what it referred to as “1-to-many” matching.

Source: IBM pushes for US to limit facial recognition system exports | ZDNet

Council of Europe Suggests Convention 108+ as Schrems II Data Transfer Solution

“Convention 108+ (Convention 108 as amended by the protocol) is set to become the international standard on privacy and data protection in the digital age, and represents a viable tool to facilitate international data transfers while guaranteeing an appropriate level of protection for people globally,” say Alessandra Pierucci, Chair of the Committee of Convention 108 and Jean-Philippe Walter, Data Protection Commissioner of the Council of Europe.

“Being Party to the Convention 108+ could in the future also facilitate the case-by-case assessment that companies are required to do [following the Schrems II judgement] in the context of standard contractual clauses, regarding the essentially equivalent level of protection to be guaranteed”.

Source: Council of Europe Suggests Convention 108+ as Schrems II Data Transfer Solution

Oracle Enters Deal with TikTok to be “Trusted Tech Provider” to the U.S

Oracle, of the nation’s largest data brokers, has confirmed a deal with TikTok’s parent company ByteDance to become a “trusted technology provider” to the U.S.

The U.S. government previously raised concerns about the protection of user data collected by the popular video sharing app, especially given the power of the Chinese government to obtain data from TikTok.

Source: Oracle Enters Deal with TikTok to be “Trusted Tech Provider” to the U.S

Revised, Washington State Privacy Legislation Moves Forward

The Washington Privacy Act is back and now includes provisions for handling personal data during a public health emergency such as a pandemic.

Its provisions are closer to the European Union’s General Data Privacy Regulation (GDPR) than the California Consumer Privacy Act (CCPA).

Source: Revised, Washington State Privacy Legislation Moves Forward

1 2 3 65
>