CDP Institute

Major ed tech vendor, Illuminate Ed, just become the first company to be stripped of its Student Privacy Pledge ethical data designation following discovery that it didn’t encrypt all student data that it claimed. The Student Privacy Pledge program was created by the Future of Privacy Forum (FPF) to recognize and ensure ethical data practice for students. Illuminate Ed has also been referred by the FPF to the Federal Trade Commission (FTC) and to states’ attorneys general in California and New York for further action.

The real-time data solutions company’s objective is to maximize consumer privacy in the face of mixed laws and requirements at federal, state and local levels.

Just launched in Beta, this new carrier currently available for Android, offers their “Pretty Good Phone Privacy” (PGPP) domestic and international mobile data service that decouples user identity from the way devices connect to networks via cell towers. In this model, the system is designed to be blind and achieves that by assigning users multiple unique identifiers that can be changed over the course of a month, so while a tower might know a number belongs to you, it won’t know which of several you’re currently using. Plans are to... Read More >

Not a bad idea…it’s just that people are so overwhelmed by persistent privacy threats, data breaches, and being at the mercy of companies so enormous its nearly impossible to enact enough regulation or penalty to effect change. We might benefit more from top down advice from the FTC and swift action.

The European Union’s Court of Justice (CJEU) ruling this week in an anti-corruption case has legal experts considering broad implications, including for adtech, online platforms and apps due to liability from inferences drawn from personal data. The court’s decision relates to GDPR’s Article 9, which focuses on processing special categories of data and protecting personal sensitive data. The top EU court determined publishing the name of a spouse or partner amounts to processing sensitive data because it can reveal sexual orientation. This may remove a loophole in holding behavioral data that Big Tech and others have relied upon.

The data of millions of patients may have been collected by Facebook (Meta) via healthcare provider websites without people’s knowledge or consent. This comes via a Jane Doe, a claimant who alleges the company harvested her data via Meta Pixel code, which was embedded into a California health care center portal. This and a lawsuit last month, also from California, allege violation of California privacy regulation.

“Forget about it!” That’s pretty much the message from India’s government, which just nixed passing its Personal Data Protection Bill by withdrawing the bill this week without apology or explanation. Thus, the world’s largest democracy has opted to deny more than 1 billion people protection of this critical human right. Of course, this is the same government that recently saw fit to antagonize VPNs and cloud services operating there by establishing rights for aggressive collection of data at the whim of law enforcement or other officials.

The Cost of a Data Breach report from Black Kite looks at the financial and reputational damage caused by 2,400 cyber incidents that took place globally between 2017-2022 and can help companies understand where vulnerabilities have been to date and where things are trending. Clearly, companies need to act to protect themselves as cybercrime costs grows exponentially – up from $7 trillion in 2015 and expected to hit $10 trillion in the next three years. The report also compares attack methods and cybercrime’s impact on individual sectors.

School children are being monitored online as never before, particularly following the mass increase in remote engagement that occurred because of COVID and due to new concerns about the student mental health and on-site  physical safety. A report from the Center for Democracy & Technology (CDT) found student monitoring nearly ubiquitous, but also with minimal use training and a lack of safeguards against bias. Findings included: 1) monitoring is used more for discipline than safety; 2) teachers often lack training; 3) monitored students are at increased risk for encounters with... Read More >

A note from the country’s house speaker warned that TikTok posed a security risk of data being accessed by the Chinese government.

This results from a mulit-year investigation into their ad practices, including profiling and predicting shopper behavior.

At the same time, they are raising privacy advocate concerns about their utilizing data transferred via network operators, which is usually untouched.