CDP Institute

In a move to protect consumers from fraud, stalking and spies, the Consumer Financial Protection Bureau (CFPB) wants to limit data brokers’ ability to sell Social Security numbers and other sensitive personal information and limit that to instances where it is deemed necessary, such as for obtaining a mortgage. The idea is for brokers to assume the role of “consumer reporting agencies” that must meet accuracy requirements and provide safeguards against data misuse.

Peru introduced new data privacy regulation to come into effect in March. Key changes include non-territorial application, providing more data to owners on how their data will be collected and used, expediting breach notification, and working to secure age verification when processing data of minors.

It’s easy to glaze over or skip information that companies lay out in their Terms of Service (ToS) and Privacy Policies (PP) – as companies hope and bet that we will. So, it helps that Website Planet took a close look for us in an analysis of 57 major companies ranging from Apple and IBM to Reddit and Tesla to find out how they handle data privacy, children’s data, and payment data and to recommend what we should look for in companies’ privacy trust worthiness. Apple was alone in scoring... Read More >

TikTok, Reddit and Instagram are among the the latest to come under fire from Texas’ attorney general. The state regulator is looking at whether they’ve violated two laws, the Securing Children Online through Parental Empowerment Act and the Texas Data Privacy and Security Act, which restrict how kids’ data can be used and to guard against publication of harmful content.

Thirty-two US attorneys general (19 Republican and 13 Democrats) are acting in concert to push for passage of the Kids Online Safety Act (KOSA). They jointly sent a letter to Congress calling for the federal government to expedite passage of the new legislation to both protect children and to supplement efforts of individual states.

Two huge US data brokers, Mobilewalla Inc. and Gravy Analytics, have just been served with bans from the Federal Trade Commission (FTC) for their collection and sale of consumer location data. While not household names to consumers, they process billions of units of data which they’ve sold without consent. In the case of Mobilewalla, one of the largest data brokers in the world, the FTC says they tracked profiles from 1.6 billion devices across more than 35 countries and then sold it to third parties. Gravy Analytics, via a subsidiary,... Read More >

Two US government agencies are recommending citizens consider using encrypted communications apps in the wake of one of the largest intelligence compromises in the country’s history. Companies including AT&T, Verizon and Lumen Technologies were hacked prior to the election by what is believed to have been China, though it denies involvement. The breach included access to mass call records, metadata, and phone calls. The FBI and Cybersecurity and Infrastructure Security Agency (CISA) don’t know how long it will take to fix, so those wanting privacy should act.

Vietnam’s Law on Personal Data Protection (PDP) passed with 94% approval. The regulation has been expedited to go live July 1 to provide robust regulation of data use. Vietnam’s Standing Committee has recommended amendments to reinforce guidelines on international data transfers and to establish a national database to share data resources.

No need to rush, apparently, in the face of child pornography abuse. But, after years thinking it over, Telegram decided to join Google’s YouTube and others, in actively using tools to “detect, disrupt, remove, and block” child sexual abuse imagery. That’s good given the platform has 950+ million active users/month. Sooner would have been even better.

A US$1.2 billion lawsuit has been brought against Apple in California for failing to protect victims from child sexual abuse material (CSAM). This after the company abandoned a proactive plan to scan iCloud images for CSAM.

This means a tourist visit to Spain could now involve sharing lots of personal information – 40+ personal details for hotel stays and 60 personal data items when renting a car.