News

CDPI Privacy Newsletter

Categories : CDPI Privacy Newsletter

Children’s Privacy: NGL “Not gonna lie…” — but the app did to harm kids, says the FTC

July 16, 2024
In an unprecedented move, the US Federal Trade Commission (FTC) and Los Angeles District Attorney’s Office charged NGL (“not gonna lie”), a popular social media app downloaded millions of times, with cyber bullying and threatening teens and children. The company will be required to pay $5 million as part of a settlement that claimed its employees hooked kids into paying for services and preyed on them by tricking them into believing false messages of threats or solicitations produced by the company were sent by real users.
CDPI Privacy Newsletter

Brazil stops Meta from using citizen data for AI

July 9, 2024
The ANPD, Brazil’s regulator, has banned Meta’s use of Brazilian citizen data for AI training. The company, which recently decided to give itself permission to use Facebook, Messenger, and Instagram data from Brazilian users, has been given five working days to comply or risk daily fines of 50,000 reais (around $8,808). Pittance in Meta terms, but still a good stand to take in one of Meta’s largest markets.
CDPI Privacy Newsletter

IT’S THE LAW (07/09/2024)

July 9, 2024
The Rhode Island Data Transparency and Privacy Protection Act (RI-DTPPA) has just become the newest US state law and will take effect in 2026. It puts obligations on controllers that process personal data, either by doing business in the state or providing products or services to residents. Much of the protection is similar to that provided in other states, including confirmation of data, and the right for users to correct, delete, and opt-out of targeted advertising. However, the law does not obligate use of a user-selected universal opt-out mechanism (UOOM)... Read More >
CDPI Privacy Newsletter

Children’s Privacy: Worldcoin reverses to now protect Chile’s youth

July 9, 2024
Responding to legal pushback since it launched in Chile a year ago, Worldcoin will now bar children and adolescents from using biometric iris-scans in exchange for WLD tokens. The practice, which did not include requiring age-verification, prompted controversy and legal challenges. It has, unfortunately, so far resulted in the firm collecting scans on a whopping 1% of the Chilean population.
CDPI Privacy Newsletter

Children’s Privacy: Australian kid photos being scraped for AI – very scary!

July 9, 2024
Human Rights Watch has found images of children, some newly born, others in school or at play – from all across Australia – and including First Nations’ children, have been scraped from the web into a large LAION-58 data set. Numbers are not certain, since Human Rights Watch reviewed fewer than .0001% of the 5.85 billion images and captions held within the LAION-58 data set and used for AI training. But the rights group sounded the alarm because of the high risks to children and because data included in the... Read More >
CDPI Privacy Newsletter

EU Commission notifies Meta “Pay or Consent” fails DMA

July 2, 2024
No and no. The European Commission has sent Meta results of its preliminary findings, and they are the company’s “Pay or Consent” ad model fails the Digital Markets Act (DMA) on two big counts. These are that “Pay or Consent” 1) does not allow users to opt for a service that uses less of their personal data, and 2) that the mechanism does not allow users to exercise their right to freely consent to the combination of their personal data, so they violate DMA Article 5(2).
CDPI Privacy Newsletter

IAB finds Privacy Sandbox punching below its weight

July 2, 2024
The IAB Tech Lab convened senior leaders from 65 companies to evaluate Google Chrome Privacy Sandbox’s performance in 44 constructed critical advertising use cases to determine feasibility within a Protected Audience auction. Its result, published as the Privacy Sandbox Use Case Analysis, found the Privacy Sandbox “falls well short of what is needed to support a robust open web” in providing ad utility for brands against media companies’ ability to maximize revenue.
CDPI Privacy Newsletter

IT’S THE LAW (07/02/2024)

July 2, 2024
Implode. Collapse. Scrap. Near-fatal blow. Hate when this happens for privacy…. In an 11th-hour about-face, the US House Energy and Commerce Committee triggered by GOP House leadership resistance, cancelled major markups for the American Privacy Rights Act and the Kids Online Safety Act – prompted use of these sad words and more. The bills had been moving ahead with bipartisan support. Now, it’s virtually ensured neither bill can be agreed on this year. Way to go, privacy adversaries!
CDPI Privacy Newsletter

Had a breach fine? Bet you have!

July 2, 2024
If you’re a U.S. business, it’s virtually certain, according to the ISMS.Online State of Information Security report which found 100% of their survey respondents in the US reporting they’d been fined for data breaches or violation of data protection rules. The survey, which polled 1,500 security professionals from the US, as well as the UK and Australia found 38% of respondents said managing third-party and vendor risk was their biggest challenge. Managing compliance come in a close second at 33%.
CDPI Privacy Newsletter