Data Privacy
Hamburg’s data protection commissioner has stated that H&M in Nuremberg had collected private information about employees including family issues and religious beliefs. The data had been collected on a network drive and had been accessible for up to 50 managers. The incident got public when the data had been briefly visible for all people on the network.
H&M has been fined €35.3 million and the company stated that the practices uncovered in Nuremberg did not align with the guidelines of the company.
Police forces across Ontario engaged in broad, illegal searches of a now-defunct Covid-19 database, two civil rights groups alleged Wednesday, claiming the use of the portal violated individual privacy rights for months.
Following an announcement of Facebook Ireland's head of data protection Yvonne Cunnane, it is not clear how the company "could continue to provide the Facebook and Instagram services in the EU" following a preliminary order to stop the data transfer of European customers to servers based in the United States.
Ireland’s Data Protection Commission (DPC) had voiced concerns over possible surveillance of the data by the United States government.
Facebook wrote, in a blog post towards its developer community, the changes being implemented in iOS 14 that the company "ability to deliver targeted ads on iOS 14 will be limited.".
According to Facebook, the update will probably mean that app developers will receive less advertising revenue due to the fact "some iOS 14 users may not see any ads from Audience Network, while others may still see ads from us, but they'll be less relevant."
The beta version of iOS 14 was released earlier this week, implementing a set of anti-tracking measures that limit the ability of advertisers to track a particular user and deliver highly tailored advertising.
In a new lawsuit, filed Monday in Redwood City, Facebook is accused of collecting, storing and profiting from biometric data of more than 100 million Instagram users, without explicitly asking for their consent.
According to the suit, Facebook started informing Instagram users about their biometric data being collected only at the beginning of 2020, which allegedly violated an Illinois privacy law.
Last month, the social media company offered to pay $650 million to settle a different lawsuit in which it was accused of illegally collecting biometric data through a photo-tagging tool provided to Facebook users.
The Wall Street Journal reported Tuesday TikTok’s Android app collected its users’ MAC addresses for 18 months in violation of the platform rules. The MAC address serves as a unique identifier for each user’s device.
Since 2015, both the App Store and the Google Play Store had banned the collection of MAC addresses as a matter of policy, but the video app used a loophole. According to the Journal, nearly 350 apps on the Google Play Store used a similar loophole, generally for ad-targeting purposes.
The "No TikTok on Government Devices Act" bill by Senator Josh Hawley (R-Mo.) was unanimously approved bu the Senate Homeland Security and Governmental Affairs Committee on Wednesday. The bill states U.S. federal employees would be barred from using Chinese-owned mobile video app TikTok on government-issued devices.
The bill now moves to the Senate floor.
GEDmatch, a DNA analysis site, confirmed Wednesday that a permission change caused a breach that allowed law enforcement agents to search user's DNA information.
The site has an option that allows users to select if their DNA is to be included in police searches, but users reported on Sunday those settings had changed without their permission.
The company send an email to its users, stating: "We became aware of the situation a short time later and immediately took the site down. As a result of the breach, all user permissions were reset, making all profiles visible to all users,"
"This was the case for approximately 3 hours. During this time, users who did not opt-in for law enforcement matching were also available for law enforcement matching, and conversely, all law enforcement profiles were made visible to GEDmatch users."
The social network platform TikTok has been fined around $154.000 for mishandling data of children in South Korea. According to the Korea Communications Commission that issued the fine, the data of children under 14 years old has been collected without the required consent of their legal guardians.
In addition to the collection, the data had been transferred overseas without the permission or disclosure to the users.
The European Court of Justice follows the argumentation of a lawsuit made by the Austrian lawyer and activist Max Schrems and declares the "Privacy Shield" unlawful. The pact has until now regulated how companies can share data of European citizens with companies in the United States.
Other regulations based on so-called standard contractual clauses are not affected by the decision. Still, data transfer needs to be suspended if it seems given that the contractual agreements can't or won't be fulfilled in the data receiving country.
Wells Fargo, United States fourth-largest bank, has instructed employees who installed TikTok on company devices to remove the app over privacy concerns.
“We have identified a small number of Wells Fargo employees with corporate-owned devices who had installed the TikTok application on their device,” Wells Fargo said in a statement to NBC News. “Due to concerns about TikTok’s privacy and security controls and practices, and because corporate-owned devices should be used for company business only, we have directed those employees to remove the app from their devices.”
The UK Information Commissioner's Office and Office of the Australian Information Commissioner said on Thursday they have opened a joint investigation into the personal information handling practices of facial recognition technology company Clearview AI.
The investigation will focus on the company’s use of “scraped” data and biometrics of individuals, that contained 3 billion photos.
Clearview is also under investigation by the Office of the Privacy Commissioner of Canada.
During an interview at Fox News, Laura Ingraham asked the United States Secretary of State Mike Pompeo if the Trump Administration is considering to ban Chinese social media apps such as TikTok. Pompeo stated that "With respect to Chinese apps on people's cell phones, I can assure you the United States will get this one right too, Laura" and that he doesn't "want to get out in front of the President, but it's something we're looking at". He also stated security concerns with TikTok and suggested that people should only install the app on their phones if they want their "private information in the hands of the Chinese Communist Party".
Following the enactment of a new security law in Hong Kong, Facebook and its messaging service WhatsApp are suspending government requests for user data in Hong Kong.
A spokesperson from WhatsApp said that they are pausing such requests pending further assessment of the impact of the national security law, including formal human rights due diligence and consultations with human rights experts.
According to Hong Kong Free Press the messenger app Telegram has decided to temporarily not fulfill data requests of its users made by Hong Kong courts. The head of marketing for telegram, Mike Ravdonikas, has stated that "Telegram does not intend to process any data requests related to its Hong Kong users until an international consensus is reached in relation to the ongoing political changes in the city". The decision follows the enactment of the new national security law in Hong Kong.
The "Lawful Access to Encrypted Data Act", introduced by senators Graham, Blackburn, and Cotton would force manufacturers of devices and systems with encryption to be able to decrypt data upon request of public authorities or court orders.
The law is tied to other regulations regarding surveillance and national security including Section 215 of the Patriot Act. For technology companies, the only reason to not unencrypt data would require proof that it is "technically impossible" and then they could be forced by the government to redesign their systems.
Google is switching to an auto-delete setup as its default for web browsing and app history. The company will automatically delete some web and location history after 18 months for new users, and make it easier for existing customers to change their settings.
Previously users had ways to limit data collection and delete history — location history, search, voice, and YouTube activity data — but it was an opt-out experience.
In a blog post, Sundar Pichai CEO of Google stated: "Today, we are announcing privacy improvements to help do that, including changes to our data retention practices across our core products to keep less data by default."
An Austrian court is currently investigating a potential data scandal. The background is the lawsuit against a former police officer who is said to have carried out more than 90 inquiries from the police network for no official reason.
In court, he defended himself that he only checked security company employees. The judgment is still pending.
The co-founder of Telegram, Pavel Durov, has announced that the company will direct "anti-censorship resources into other places where Telegram is still banned by governments — places like Iran and China". In the past Telegram has already developed and provided users with tools to circumvent the Telegram ban in Russia.
Google had been fined for $57m by French regulators in January 2019 because the tech company didn't provide "sufficiently clear" information regarding the consent to use private data for targeted advertisements. The highest French court for administrative law has now denied the appeal against the fine and affirmed the jurisdiction of the regulators.