In Brief: Amazon Halo is “most invasive tech” [Washington Post] December 15, 2020 Always-on listening & full-body health critique. CDPI Privacy Newsletter
IT’S THE LAW (12/15/2020) December 15, 2020 Facebook, Google and Apple are targets of EU draft legislation introduced to curb their global control. The Digital Services Act (DSA) and Digital Markets Act (DMA), backed by fifteen former presidents and premiers of EU states, aims to shift the power balance away from big tech. CDPI Privacy Newsletter
U.S. government and states negotiating about how much vaccine data will be shared December 15, 2020 As Covid-19 vaccines begins to roll out, the government’s Operation Warp Speed is asking states to turn over data to be stored in a new national Data Clearinghouse to help track and manage the vaccination program. Most states have agreed, but some including New York and Minnesota have raised concerns about some personal information that’s been requested. Key issues are whether data could get into the wrong hands and if what’s being collected might keep some immigrant populations from participating in the program. CDPI Privacy Newsletter
Second round of funding for Skyflow since May December 15, 2020 Skyflow raises $17.5M in series A funding for privacy vault technology Skyflow loads sensitive customer data into a cloud-based vault so companies don’t have to store it for themselves. Information is encrypted, enabling companies can analyze it without exposing the underlying data. CDPI Privacy Newsletter
In Brief: Desjardins FinTech breach is largest in Canada, affecting 9.7M people December 15, 2020 Malicious employee siphoned data for 2 years. CDPI Privacy Newsletter
EU Agency for Fundamental Rights (FRA) warns predictive AI poses risk for mass surveillance December 15, 2020 Vienna-based watchdog FRA has requested guidance from the EU on how its current rules apply to AI for “high-risk sectors,” including healthcare and transportation. In part, the agency wants to ensure that people can approve decisions made by AI and require companies to explain how their systems utilize AI. CDPI Privacy Newsletter
Could Alexa be hearing your PIN drop? December 8, 2020 A new University of Cambridge study indicates voice assistants like Alexa, Amazon Echo and Google Home can pick up room noise including keyboard taps that malicious actors might subsequently use to discover your PINs. This is an increasing privacy threat as we add more smart speakers throughout our workplaces and homes. CDPI Privacy Newsletter
Just-in-time help to comply with Apple’s new app rules December 8, 2020 Data Theorems’ new privacy toolkit and data leak dashboard helps speed compliance Apple’s rule that developers must disclose information collected and 3rd-party sharing is a big burden. Data Theorem has a quick and easy-to-use tool set to make this easier to automate, monitor and fully disclose details. CDPI Privacy Newsletter
Surfshark’s issues map series of drone privacy laws in 210 countries December 8, 2020 The data security firm collated information on legislation to show where drones are prohibited or welcome to fly. They want to see support for an international privacy framework for drone legislation. CDPI Privacy Newsletter
In Brief: New EU privacy rule threatens child abuse monitoring December 8, 2020 Children’s advocacy groups fear loss of access to key data. CDPI Privacy Newsletter
IT’S THE LAW (12/8/2020) December 8, 2020 New Zealand’s Privacy Act 2020 went into effect December 1. Key changes include: 1) Businesses must notify the Office of the Privacy Commissioner if they lose data or experience a breach; 2) The Act now applies to all businesses that do business in NZ, regardless of where they’re based; and 3) Data can only be collected when need is demonstrated. CDPI Privacy Newsletter
Offering ways to use sensitive data for analytics December 8, 2020 Privitar adds Right to be Forgotten and features for safe use of sensitive data The new version of Privitar’s Data Privacy Platform simplifies compliance for Right to Be Forgotten requests. It also is able to retain de-identified data for machine learning and analytics use, if desired. CDPI Privacy Newsletter