CDP Institute

New York City adds broad biometric privacy controls for retail, restaurants, entertainment venues, similar to Illinois’s BIPA biometric law, to New York City’s Admin. Code §§ 22-1201. Businesses are required to post clear and visible signage near all customer entrances and provide detail on their practices with regard to biometric data collection and use of the information. This includes, but is not limited to facial, retinal, iris and fingerprint scans, and hand scans.

SafeGraph, which was partially funded by the former head of Saudi intelligence, has been banned by Google for selling location data of Android users. Apps working with SafeGraph now have to remove the location gathering code. Google also followed its own news about plans to phase out third-party cookies in Chrome by launching The Privacy Sandbox Timeline, a website that will provide updates on monthly changes.

Subscription weight-loss programs like popular Noom, often begin by having new members fill out extensive questionnaires about eating habits, body type, physical and mental health, and weight, implying they will customize their approach depending on your answers. Yet, a new study by Privacy International comparing Noom, BetterMe, and VShred, found that participants were provided largely the same thread of questions and same recommendations regardless of information provided. And it found the apps collecting what can be considered sensitive health data, while at the same time reserving the right in their... Read More >

Google announced it will soon allow requests for removal of Google images for anyone under 18 as part of a way to give minors more control of their digital footprint. Other planned changes include: 1) a change to YouTube’s default for ages 13-17 to the most private option; 2) Google Location History will remain off without an option to turn it on for users under age 18; and 3) ad targeting will be blocked based on age, gender or interests of users under age 18.

The privacy-by-design app has been downloaded around 215,000 times and plans for a web version are underway.

Seventy-page guide covers activities, controls, and documentation companies should implement, and has information on how GDPR and other laws align to each other.

The Securities and Exchange Commission announced that Pearson has agreed to pay $1 million to settle charges that it tried to hide and downplay a 2018 data breach that led to the theft of student data and administrator log-in credentials of 13,000 school, district and university customer accounts in the United States.

Apple is expected to introduce a “neural matching” tool to detect if iPhone photo images match child sexual abuse records, according to a security expert at Johns Hopkins Security Institute. There are several concerns, including that this would set precedent that systems can be allowed to scan phones for prohibited content.

A security team at vpnMentor discovered that an Elasticsearch database containing 126 million records had been left open, unsecured and exposed to internet access. The open records contained detailed personal data ranging from job information to home IP addresses.

Nigeria announced a mandate that citizens must link their mobile numbers to a national ID number by October 31, 2021 or risk being blocked from telecommunication services. Citizens and rights groups are objecting to this and to the country’s national ID enrollment due to fears that Nigeria’s lack of data privacy laws will leave data exposed to abuse.

Prepare to purchase goods with a wave of your hand at Amazon’s checkout-free stores! Now, palm-scanning hardware makes it easy for Amazon to capture every detail of your hand and then let a simple palm-signature swoosh buy goods, while helpfully providing data about your shopping history. You can also look forward to receiving targeted ads, offers & recommendations…like it or not.

Leaked documents have revealed that Google fired dozens of employees between 2018 and 2020 for company data misuse, including leaking, stealing, or abusing data of users or other employees. Facebook, meanwhile, has been called out by the Federal Trade Commission (FTC) for making misleading claims on why it cut off the accounts of ad researchers from New York University who were studying political ad use on the platform. Read More – Google Read More – Facebook