Protecto

ABC’s of Privacy This Week – Nov 13, 2019

Welcome to our weekly privacy newsletter to read the latest privacy-related news from across the globe. We classify our weekly privacy newsletter into three parts namely Applause, Breaches and Current News (ABC’s) of Privacy news. For any feedback on our weekly newsletter, please feel free to send your comments to social@onedpo.com.

Applause

Kenya Passes Data Protection Law

Kenyan President Uhuru Kenyatta has approved a new data protection law which complies with EU legal standards. The new law sets out restrictions on how personal data obtained by firms and government entities should be handled, stored and shared. This move is set to bolster investment and trust in its information technology sector.

For more info  https://www.reuters.com/article/us-kenya-dataprotection/kenya-passes-data-protection-law-crucial-for-tech-investments-idUSKBN1XI1O1

US Congresswoman Propose a New Federal Agency to Enforce Online Privacy Rights

On Tuesday, two congresswomen Anna Eshoo and Zoe Lofgren from Silicon Valley introduced a new online privacy bill that proposed a federal enforcement agency to protect privacy rights across the USA. The new bill proposes the creation of the Digital Privacy Agency (DPA) that would have the power to enforce privacy rights for users and make sure companies follow the law. The bill also grants users the right to access, correct, delete, transfer personal data and choose for how long a company can keep the data. Companies should also get the consent of the user before using the data for machine learning or artificial intelligence algorithms.

 For more info: https://www.cnbc.com/2019/11/05/reps-lofgren-and-eshoo-propose-online-privacy-act.html

Breaches

Capital One Data Breach Affects 106 Million Consumers

Capital One data breach has affected more than 106 million consumers across the globe. The bank has removed its Chief Information Security Officer Michael Johnson in the wake of the bank’s massive data breach. Mike Eason has been named interim CISO. The bank was reportedly experiencing cybersecurity issues before the breach and has seen its staff shrink in the months that followed the incident.

For more info:  https://www.wsj.com/articles/capital-one-senior-security-officer-being-moved-to-new-role-11573144068

Facebook Reveals More Than 100 Software Developers May Have Improperly Accessed User Data

Facebook discloses that as many as 100 software developers may have improperly accessed user data, including the names and profile pictures of people in specific groups on the social network.  The company said it has removed this access and reached out to 100 developer partners who may have accessed the information in the last 60 days. However, the company did not state how many users were affected.

For more info https://www.cnbc.com/2019/11/05/facebook-says-100-developers-may-have-improperly-accessed-user-data.html

Current News

Spanish DPA Issues Fine for GDPR Violations

The Spanish data protection authority has fined Madrileña Red de Gas for violations of the EU General Data Protection Regulation. The 12,000 euros fine was levied on the gas company for failing to have proper measures in place to validate a data subject’s identity. The complainant alleges the company sent out their information to a third-party via email in response to an inquiry.

For more info: https://www.aepd.es/resoluciones/PS-00188-2019_ORI.pdf

Trueface Wins Air Force Facial Recognition Contract

Computer vision company Trueface has been awarded its second contract for biometric facial recognition technology from the U.S. Air Force, to help secure base access and safety. Using artificial intelligence techniques, Trueface transforms camera data into actionable intelligence to make your environments safe. It will be deployed at military bases across the USA to speed up the entry process and enhance base security.

For more info: https://www.biometricupdate.com/201911/trueface-wins-air-force-facial-recognition-contract-as-other-government-deployments-court-controversy

Polish Personal Data Protection Office Issues fine for GDPR Violations

The Polish Personal Data Protection Office (PDPO) has issued a PLN 201,000 fine against ClickQuickNow for alleged violations of the EU GDPR. The PDPO found the company did not have the proper measures in place to allow users to withdraw consent, nor did it give users data erasure rights. It further gave ClickQuickNow 14 days from the delivery date of the notice to comply with the decision.

For more info: https://www.uodo.gov.pl/en/553/1092

India’s Facial-recognition Program Brings Privacy Concerns

As India prepares to install a nationwide facial recognition system to catch criminals and find missing children, human rights and technology experts warned of the risks to privacy from increased surveillance. This surveillance system report has little information on where it will be deployed, what the data will be used for and how data storage will be regulated. Experts feel without a data protection law and an electronic surveillance framework, it can lead to social policing and control.

For more info: https://www.reuters.com/article/us-india-tech-facialrecognition-trfn/mass-surveillance-fears-as-india-readies-facial-recognition-system-idUSKBN1XH0S9