CDP Institute

This is in violation of the state’s Biometric Information Privacy Act (BIPA).

The collaboration will enable EDO to identify which ads are being viewed within a specific geographic area and to assess how successful the ad is in market.

As fines for Meta go, Turkey is well behind the EU and UK numbers, coming in at only $18.6 million, compared with $267 million and $70 million respectively. But, Turkey’s judgement that Meta obstructs its competitors by combining data from separate services it operates, threatens the core of its ad business, which is predicated on collecting and compiling data for profiles from its multiple services and being able to micro target using that information.

Following a denial last week, health insurer Medibank admits 200 gigabytes of company data on close to 4 million of their customers was illicitly accessed. This after perpetrators threatened the company it would target its most prominent customers – and revealed data set samples to prove this was possible. This is a big concern for multiple reasons: the company concealed the breach; the attackers can potentially use the data that, in addition to personal identifiers, includes information on diagnosis’ and procedure recommendations; and Medibank was not insured against cybercrime, so... Read More >

Australia, which suffered several high-volume, high-profile data breaches in recent weeks – including Medibank’s this week – is about to make significant legislative changes including huge hikes in penalties for breaches. The plan to be presented to parliament this week is to increase the maximum for serious or repeated breaches from the current AUS $2.22 million to AUS $50 million; or the greater of 3x the value of any benefit, or 30% of a company’s adjusted turnover in the relevant period.

Don’t underestimate individuals in this new privacy world! DataGrail’s new survey reveals how strongly people feel about privacy and how far they’ll go to protect theirs. Of more than 2,000 surveyed, 57% feel fed up or creeped out by privacy practices, 67% are willing to pay $100+ annually to keep their data safe, and 75% are prepared to abandon the brands that don’t protect their data.

Educational technology companies, which saw massive global growth during COVID, have often played fast and loose with student data. But the US Federal Trade Commission (FTC) has raised the stakes by charging the three-quarter billion dollar per year industry leader Chegg with having exposed the data of 40 million users. And ever more alarmingly, the Chegg data found available for sale includes highly sensitive details on student religion, sexual orientation, disabilities, and parental income. How was this possible? Easy, since Chegg had gave employees and outside contractors an all-access password... Read More >

The free tool can be used by data protection officers, data processors, and consultants. Information is organized in sections, and once information is provided for review, it is then deleted for privacy protection.

State officials could ask vaccine recipients for consent to keep the data, but there are no signs that’s a priority. What’s the downside? Once the records are purged, the only way the individuals or medical professionals who care for them can figure out whether they were previously vaccinated, is if they can show their paper vaccine card. A bit primitive and vague for a state in a world-leading country, but remember we’re talking about Texas.

The solution can be delivered as an end-to-end system or a software library.

The Competition Commission of India issued a $162.9 million fine and issued a cease and desist order to stop Google’s anti-competitive practices of favoring its own suite of Android apps over competitors’. The ruling comes at the same time lawmakers in Asia, Europe and the US are examining Google’s market dominance. Last month, the company received a massive $4 billion fine from the EU also related to Android.

Clearview AI, known for its persistent view that privacy laws don’t apply to them, has raised its impertinence to a new level ignoring France’s regulator, CNIL, altogether. CNIL, which deemed Clearview in violation of GDPR and ordered it to stop processing French citizen data, responded by imposing its maximum fine of €20 million. This follows €20 million fines each from Italy and Greece against Clearview, and a lesser amount from the UK. Problem is that regulators' limited legal resources make it difficult to enforce these. But that may change once plans for the EU bloc’s AI Act moves forward.