Download free GDPR compliance checklist!

Tag Archives for " US "

Wyden proposes banning sale of personal data to ‘unfriendly’ governments

The proposal would treat Americans’ personal data with the same caution as powerful weaponry, using export-control laws to block its sale to countries marked as potential security threats.

The draft bill, which Wyden began circulating to lawmakers for discussion Thursday, would join a set of federal privacy proposals that would also restrict the sale of Americans’ personal information to U.S. companies, intelligence agencies and the police.

The move could disrupt the multibillion-dollar data-broker economy that seeks to monetize the digital footprints Americans leave behind every day — cellphone locations, browsing histories and credit card purchases that are gathered, bundled and sold for marketing and intelligence purposes without government regulation or oversight and without most people being aware of what information is being shared.

Source: Wyden proposes banning sale of personal data to ‘unfriendly’ governments – The Washington Post

House fails to pass WPA but bill ‘remains alive’

The Washington state House of Representatives failed to advance the Washington Privacy Act Sunday, its last day to pass the bill this session, but its fate is not yet set in stone.

The chamber is still negotiating a compromise, and a representative of sponsor State Sen. Reuven Carlyle, D-Wash., said he believes “the bill remains alive through the end of the legislative session.”

If the WPA does not pass the House, this would be the third year in a row a version of the legislation — which aims to give consumers data rights, including the right to access, correct or delete data — has failed.

Source: House fails to pass WPA, bill sponsor says it ‘remains alive’

Surveillance exposes limits of transatlantic AI collaboration

The European Commission will propose legislation on artificial intelligence this month, and it has taken pains to emphasize that its priority is to strictly regulate what it deems “high-risk” uses. One example is the use of facial recognition technology in public places, which digital rights groups argue could enable widespread biometric surveillance. Commission President Ursula von der Leyen even hinted at banning such uses, saying the Commission “may need to go further” in regulating AI technologies “incompatible” with European human rights.

But Europe’s drive to put privacy front and center of its AI strategy could limit the scope of its collaboration with the U.S., which appears to be less concerned about surveillance. “The illegal use of personal data for facial recognition is not compatible with European fundamental rights and poses an issue for transatlantic cooperation on AI,” said Green MEP Alexandra Geese, who’s a member of the Parliament’s artificial intelligence committee.

Source: Clearview scandal exposes limits of transatlantic AI collaboration – POLITICO

Your ‘smart home’ is watching – and possibly sharing your data with the police

Smart-home devices like thermostats and fridges may be too smart for comfort – especially in a country with few laws preventing the sale of digital data to third parties.

This problem stems from the US government buying data from private companies, a practice increasingly unearthed in media investigations though still quite shrouded in secrecy. It’s relatively simple in a country like the United States without strong privacy laws: approach a third-party firm that sells databases of information on citizens, pay them for it and then use the data however deemed fit.

Full article: Your ‘smart home’ is watching – and possibly sharing your data with the police | Technology | The Guardian

After A Major Hack, U.S. Looks To Fix A Cyber ‘Blind Spot’

The National Security Agency considers itself the world’s most formidable cyber power, with an army of computer warriors who constantly scan the wired world. Yet by law, the NSA only collects intelligence abroad, and not inside the U.S.

U.S. rivals like Russia are aware of this blind spot and know how to exploit it, as the NSA director, Army Gen. Paul Nakasone, explained recently to the Senate Armed Services Committee.

In a major breach last year, hackers widely believed to be from Russia’s foreign intelligence service, the SVR, placed malware on a software update produced by the Texas company Solar Winds.

No one had reason to be suspicious, or the legal authority to monitor, as that software update was sent out electronically from SolarWinds to 18,000 organizations, including nine U.S. government agencies.

Source: After A Major Hack, U.S. Looks To Fix A Cyber ‘Blind Spot’ : NPR

Platforms, not regulators, are driving data privacy enforcement

Unlike GDPR or CCPA, the moves Google and Apple are about to make will cause immediate shockwaves the day they are implemented.

The intent of GDPR — to give users back more control over their personal data and ensure it’s not misused by hidden players in the digital advertising ecosystem — has resulted in a horribly confusing, annoying user experience in Europe.

Privacy activists believe regulators have failed to properly enforce the law at scale. In the U.S. the lack of federal privacy law has left the door wide open for Google and Apple to call the shots.

The privacy-led changes driven by platforms Apple and Google are all bite. Plus, they are binary — not open to interpretation. Naturally, that results in people questioning whether this biting behavior is fair and the underlying reasons are honest or have a double agenda

Full article: Platforms, not regulators, are driving data privacy enforcement

Army Wants to Automate Base Access With Facial Recognition

The Army wants to make sure drivers entering bases through automated checkpoints are, in fact, who they claim to be, and is developing a new biometric camera system to assist.

The military branch issued a call on its Small Business Innovation Research, or SBIR, broad agency announcement—a contract vehicle used for working with small businesses on phased, iterative development programs—seeking early-stage design for a camera system able to pull usable images of drivers approaching checkpoints and matching those photos against a facial biometric database.

Source: Army Wants to Automate Base Access With Facial Recognition at Drive-Thru Checkpoints – Nextgov

Privacy Oversight Board Releases Report on EO 12333

The Privacy and Civil Liberties Oversight Board released its report on Executive Order 12333, which provides broad legal authority for data collection.

The Oversight Board reviewed counterterrorism activities—two on classified CIA programs and one on NSA’s XKEYSCORE.

XKEYSCORE is a tool used to search data collected under Executive Order 12333 that was revealed by the Snowden revelations.

Source: EPIC – Privacy Oversight Board Releases Report on EO 12333

Software vendors would have to disclose breaches to U.S. government users under new order

A planned Biden administration executive order will require many software vendors to notify their federal government customers when the companies have a cybersecurity breach, according to a draft seen by Reuters.

A National Security Council spokeswoman said no decision has been made on the final content of the executive order. The order could be released as early as next week.

The proposed order would adopt measures long sought by security experts, including requiring multi-factor authentication and encryption of data inside federal agencies.

Source: Exclusive: Software vendors would have to disclose breaches to U.S. government users under new order: draft | Reuters

Google Hit With Privacy Suit Over Real-Time Bidding

Google’s real-time bidding system violates users’ privacy by disseminating their personal data with “thousands” of outside companies, two web users allege in a new lawsuit against the company.

“Google actively sells and shares consumers’ personal information with thousands of entities, ranging from advertisers to publishers to hedge funds to political campaigns and even to the government, through its Google Real-Time Bidding system,” California resident Benjamin Hewitt and Missouri resident Kimberley Woodruff allege in a 118-page class-action complaint filed Friday in U.S. District Court for the Northern District of California.

Source: Google Hit With Privacy Suit Over Real-Time Bidding 03/30/2021

1 2 3 79