CDP Institute

Of 1,000 people in the US and UK, 82% reported they maintain moderate data privacy.  But in practice 83% are somewhat comfortable sharing biometric data and 64% say they would consider trading data for more personalization and convenience.

Emergency U.S. legislation proposed for healthcare privacy protection Looking to safeguard data not protected by the Health Insurance Portability and Accountability Act (HIPAA), Democrats in the U.S. House and Senate reintroduced the Public Health Emergency Privacy Act that was first proposed last spring. It is meant to address security issues related to COVID-19 response.

In a clear demonstration of how difficult it can be for consumers to exercise their privacy rights, Consumer Reports found that even trained agents could not get many requests done successfully. Utilizing California's "authorized agent" provision, 124 Consumer Reports agents reached out to 21 companies, including Airbnb, Amazon, Comcast, Home Depot and Starbucks to use Data Subject Access Requests (DSAR) and other company privacy preference mechanisms to make account changes.

Epsilon to pay $150M in settlement with U.S. Department of Justice As part of a remediation agreement, Epsilon will pay a total of $150M including $127.5M in compensation victims of fraud schemes resulting from sale of Epsilon data. The company had used data modeling to build and sell lists of customers, many elderly, deemed most likely to respond to marketing solicitation.

The company disputes the charges but Canada’s privacy watchdog plans to proceed with actions if Clearview doesn’t cease collecting biometric data on citizens and delete all previously collected.

Company offers a full suite of privacy tools and is also working with the Mayo Clinic to train algorithms on encrypted data to effect compliance and legal processing around shared data.

Warning that use of facial recognition technology poses a risk to individual privacy and can negatively affect human dignity and rights, the Council specified that it should only be employed on an appropriate legal basis. They said it should not be used in uncontrolled environments; in ways that may promote racial, sexual or religious discrimination; or to determine personality traits, sentiments, or personal mental health.

Records of 1.6M exposed, including Social Security numbers and banking data.

UN Secretary-General Antonio Guterres has called for a global regulatory framework to rein-in the power of social media companies like Twitter and Facebook. Speaking at a news conference, Guterres expressed grave concern about the amount of data the companies control, the potential use of that data to influence politics and our behavior, and the risks of allowing these companies to continue to have unrestricted power over our lives.

On a more positive privacy note, Apple offered an easy-to-understand story that illustrated how its privacy controls can make a big difference.  Following the simple story of a dad taking his daughter to the park, Apple shows step-by-step how much data could be revealed by looking up the weather, checking a map, taking a photo, and other common actions — and how much of that sharing its privacy controls would prevent.

As more people are vaccinated and we move toward a return to public events, travel and gatherings, there is a clear need to have a valid, secure way to confirm whether a given person has been vaccinated. The Commons Project and a group of health and technology companies including Microsoft, Oracle, Salesforce, Cerner, Epic and Cigna are looking to develop common standards for health cards, via a new file type that could hold vaccine records without violating privacy.

A convenient-for-Facebook secret arrangement previously made with the UK’s ICO resulted in the UK’s information commissioner’s refusal to answer whether Facebook completed a publicly promised app audit. This after Facebook was wrist-slapped with a meager £500,000 penalty and walked away with an unspecified amount of user data.