CDP Institute

Woolworths has raised ire for its dubious new improvement of adding surveillance cameras to monitor customers (without notification) using self-checkout in 100 of its Australian stores. Woolworth, which plans a larger rollout to more stores, bills this as a way to prevent “accidental” wrong scans. It also concedes its use monitoring for shoplifting and says the footage has been used for staff training (though promises that people’s faces and keypad punches are blurred to prevent identification). Regardless, customers are not being informed or given a chance to consent so may... Read More >

As part of Brexitification, the UK is about to turn over supervision of WhatsApp and Meta data to US global regulators, rather than having it supervised in Ireland as it is now. Meta is in the process of issuing a new privacy policy and assuring UK users that this will be just fine, and barely anything will change.

Coming in Q2 2023 major changes to Hong Kong’s privacy laws. Hong Kong’s Privacy Commissioner says plans include mandatory breach notifications, direct regulation of data processors with regards to data retention and security, and a requirement for data users to have a clear retention policy.

Consumers know the more they do digitally, the more their data is at risk. According to Daon’s survey of more than 3,000 US and UK consumers, people foresee cybersecurity threats persisting and believe these will continue to outpace the cyber technology to control them. Most surveyed want more security for financial accounts (93%) and to have their identity protected (91%). Participants also said they would be willing to take extra security steps daily (91%), including use of biometrics (81%).

The social media app, available on Android and iOS and similar to Gas, a compliments-based app, was recently found to have an internal database with no password that allowed easy access to the data of more than 153,000 users.

The suit, which was filed in Kenya in December, alleged that inflammatory comments on the social platform may have fueled sentiments over Ethiopia’s civil war.

Synthetic data is generated using computer algorithms and takes a real data set, then employs AI to learn patterns from that data and finally produces similar data in volume. Gartner projects this area will account for 60% of information for analytics projects by 2024 and it will address the growing need for large volumes of data in the absence of consent for data set harvesting.

White Castle and a dozen business groups are trying to hold back against a ruling from Illinois’ Supreme Court that claims the company should pay $17 billion+ as a penalty for repeatedly collecting employee biometric data without consent. “Repeatedly” is key here, since the court wants to charge White Castle for each time they scanned the 9,500 employees, while company lawyers argue it should only be charged for the initial scan.

TikTok, which has been running afoul of EU regulators and recently received warning tougher rules are planned this year, has announced plans for two new EU data centers. The intent is to migrate the company’s EU user data there to be stored and managed locally.

New regulations and changes to existing laws are expected this year and soon after in Asia. India and Vietnam have legislation in process; and Australia, Japan, Korea, New Zealand and Singapore are looking to more closely align with the EU’s GDPR. Morrison & Foerster’s overview looks at changes evolving with regard to scope, cross-border transfers, breach notification rules and enforcement.

A true/false test taken by 2,000+ US consumers found 77% still don’t understand how they’re being tracked by companies. Not surprising, since privacy policies have so often been written in ways to obscure the information. According to this test conducted by the University of Pennsylvania Annenberg School, it would be good for the Federal Trade Commission to set more stringent limits (as it seems to plan to do) on data collection by companies, rather than to rely on individuals to opt in or out of having data collected on them.

Ever click from social to a brand site to make a purchase, or go back to the company site to buy later? According to a Simplicitydx survey of more than 3,000 US consumers’ social shopping behavior, only 23% reported clicking over, directly as opposed to 48% who said they would return to the brand website later to buy. That’s because trust levels in social are still low. It also makes for massive underreporting – as much as 245%, according to Simplicitydx – of the conversion rate.