ABC's of Privacy This Week - March 4, 2020

Applause

·     UK explains the approach to data adequacy in post-Brexit negotiations

The UK government published its official position on several post-Brexit negotiations with the EU, including its approach to data adequacy. The government ingeminated its intention to have an independent data protection policy after the one-year transition period. In the transition period, there will be free-flowing data between the UK and the EU; UK will ensure that a transparent infrastructure is in place for a smooth collaboration with EU data protection authorities.

For more info: https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/868874/The_Future_Relationship_with_the_EU.pdf

·     OAIC releases Consumer Data Right guidelines

To protect data privacy under the Consumer Data Right System, the Office of the Australian Information Commissioner recently published guidelines. In July, the first implementation of the guideline will take place in the banking sector. The guidelines are meant to educate the participating organizations of their privacy obligations.

For more info: https://www.oaic.gov.au/updates/news-and-media/consumer-data-right-privacy-guidelines-released/

·     CEO: Microsoft will comply with data privacy laws

CEO of Microsoft, Satya Nadella, speaking at the Future Decoded Tech Summit in Bangalore, India, told entrepreneurs and developers that Microsoft is keen on complying with the data residency laws and regulations of different countries.

For more info: https://www.newindianexpress.com/business/2020/feb/26/will-comply-with-indias-data-privacy-laws-2108617.html

Breaches

·     Sporting goods retailer leaks 123 Million records

According to Infosecurity Magazine, an unsecured database exposed more than 123 million data records of Decathlon, a French sporting goods retailer. The breached database potentially had information on its Spanish and UK businesses, including employee social security numbers, addresses, and birthdates. VpnMentor discovered the data breach on 12th February, and Decathlon closed the database of the public on 17th February.

For more info: https://www.infosecurity-magazine.com/news/sports-giant-decathlon-leaks-123/

Current News

·     Coronavirus ramps up Chinese data collection

According to the South China Morning Post, China has intensified personal data collection endeavors to contain chances of further outbreaks. The data collected, including real-name registrations for medications as well as transportation, has helped identify disease-prone areas.  

For more info: https://www.scmp.com/tech/apps-social/article/3052232/coronavirus-accelerates-chinas-big-data-collection-privacy

·     Prescription drug apps share personal information of millions

Health care app GoodRx shares personal information of its more than 10 million users with third-party websites, according to Gizmodo. However, since the company’s work and data practices are not covered under the Health Insurance Portability and Accountability Act, they cannot be held accountable for data breach or theft.

For more info: https://gizmodo.com/goodrx-shares-my-prescriptions-with-third-parties-and-i-1841772965