CDP Institute

A mass data breach that’s considered the second largest known after a one billion record breach in China earlier this summer, has been revealed also in China. In this case, human error at the Hangzhou tech company Xinai Electronics inadvertently exposed facial data of 800 million people. Additionally, the company’s database ties to its cloud-based vehicle license plate recognition system. Xinai’s exposed data was not password protected and was found easily available on the web, according to the data researcher who discovered it.

Public records acquired by the Electronic Frontier Foundation (EFF) from state and local US law enforcement agencies reveal Fog Data Science is enabling surveillance of hundreds of millions of people by collecting billions of data points captured from common phone apps and then selling it illegally – bypassing the need for buyers to obtain a search warrant. The company collects and tracks geolocation data and can trace activity over months and years. This harkens back to a 2015 class action that occurred when Carrier IQ, a now defunct company, was found tracking keystrokes belonging to millions of people, then selling the data to third parties in violation of multiple laws.

Eureka!! California breaks the log jam and forges ahead with privacy legislation – in the US, and for kids! Meet the California Age-Appropriate Design Code Act (ADCA). Modeled on the UK’s Age-Appropriate Design Code, this game-changer now awaiting the governor’s signature, will go much farther than the federal Children’s Online Privacy Protection Act (COPPA) protecting teens and children by default. Specifically, online sites deemed likely to access youth data will not be allowed to share that data unless they can prove: 1) it is necessary to do so to provide a specific service, or 2) that doing so is in the young person’s best interest. Further, businesses will in most cases be required to implement the most privacy-protective settings by default, and there’s no provision built in for parents or kids to opt-out via consent.

TrustArc’s third annual Global Privacy Benchmark Report found that as the list of global laws has grown and risks become more prevalent, demands on companies have increased substantially. Now 90% of medium and large enterprises have privacy offices, but the reporting line still varies significantly, with 18% reporting to a CPO, 16% respectively to a CISO or CFO, 13% to a CTO, and 10% to a CIO.

The fine is the second highest levied under GDPR (after Amazon) and the third highest for a Meta-owned company (after WhatsApp and Facebook) handed down by the Irish regulator. Plus, according to Politico which broke the story, the Irish DPC has at least six more investigations pending of Meta-owned companies. More information will be released by the DPC within the week.

Ironically, just last month Kocheva was lauded for announcing a new Privacy Block feature that is intended to protect health data on its platform – but, they can’t have it both ways and users will need to consider where to put their trust.

This robot dog can differentiate and identify friend or foe, and it can also be deployed in areas where it is otherwise deemed too dangerous to go.

It will be housed within a new website hosted by the Better Business Bureau.