CDP Institute

Edulog Parent Portal, a platform that enables parents of K-12 students to track bus location in real time, had an API bug that allowed access personal information, including kids’ names, geolocation and parental data.

The group, SDBN also has Amazon and X (formerly Twitter) in its sights.

This following US Senator Ron Wyden’s reveal that Apple and Google were providing governments collected data without user knowledge or consent.

A tip to US lawmakers indicated user data coming in regularly over Apple & Google servers is being provided to the US and unspecified foreign governments. The data is generated by app push notifications that alert users via audio “dings” when news or messages come in. Surveillance of that data can facilitate government surveillance of how users use specific apps. The companies have said, now that information has been revealed, they will reflect that transparency going forward. ??Why not before??

In a new initiative, the US Federal Communications Commission (FCC) is partnering with the Attorneys General of Connecticut, Illinois, New York and Pennsylvania to work to bolster and enforce privacy, data protection and cybersecurity. This will include ensuring enforcement of laws and collaborating on litigation where appropriate. The FCC is encouraging other states to join in.

Canada’s regulator issues new principles document for development and use of generative AI. This is part of a larger initiative to look at data privacy, but the regulator said the focus on AI is crucial because this game-changing technology demands a collective approach.

Apple’s report, “The Rising Threat to Consumer Data in the Cloud,” shows data threats increased steadily since 2022, and projections are threats will get even worse. Ransomware attackers are getting more dangerous and more likely to target organizations that hold particularly sensitive information.

Amazon’s court defense was deemed nonsensical by a judge.presiding over a suit brought by a Brazilian minor who claims a spycam hidden in a towel hook, and which was sold by Amazon, was in fact recording her in her private bathroom for months. This is one of many cameras disguised in IoT products that Amazon sells.

The acquisition brings to Osano’s enterprise capabilities the ability to audit data, identify privacy risks and conduct actionable reporting among others.

A proposed bill, entitled the Traveler Privacy Protection Act of 2023, proposes to stop the Transportation Security Administration (TSA) from using biometric facial recognition screening at airports. Currently, the TSA uses CAT-2 technology to digitally identify travelers without them knowing they’re being physically screened and in advance of them entering the security screening area.