ABC's of Privacy This Week - Nov 20, 2019

Welcome to our weekly privacy newsletter to read the latest privacy-related news from across the globe. We classify our weekly privacy newsletter into three parts namely Applause, Breaches and Current News (ABC's) of Privacy news. For any feedback on our weekly newsletter, please feel free to send your comments to social@oneDPO.com.    

Applause  

Washington Lawmakers Plan to Launch a New Data Protection Framework

Washington state legislators plan to launch new regulations governing data privacy and facial recognition by 2020. The draft bill includes some key provisions that regulate how companies access personal data and use facial recognition in public spaces. Microsoft was a key player in the effort to enact privacy regulations in Washington state during the last session.

For more info: https://www.geekwire.com/2019/sneak-peek-washington-state-lawmakers-plan-regulate-data-privacy-facial-recognition/

Breaches

Macy's Hit by Customer Data Breach

The top retail departmental store Macy's has discovered web skimmer malware on its website, which was collecting customers' payment card information. The web skimmer that affected Macys.com target two company controlled web pages ' the checkout page of the website and the My Wallet page. An anonymous researcher has linked the attack to an infamous Magecart group. Macy has advised its consumers who are impacted by this data breach to regularly monitor their credit card statements and report for any fraud-related activity.

For more info:  https://threatpost.com/macys-data-breach-linked-to-magecart/150393/

Cayman National Bank Confirms a Data Breach

Cayman National Bank has officially confirmed that it suffered a data hack, without specifying the scope of the breach. Phineas Fisher, a notorious group of black hat hackers claimed that they had hit the bank. Cayman National Corporation said that the theft is contained within the National Bank and National Trust Company and does not affect other subsidiaries.
For more info https://portswigger.net/daily-swig/cayman-national-bank-confirms-data-breach-impacted-isle-of-man-subsidiaries

Current News

Maryland Police Drones Aid in Searches but Raise Privacy Concerns

Maryland police have started to use drones to investigate crashes, photograph crime scenes, and survey weather damage. Privacy and civil liberties advocates are concerned by law enforcement's use of the technology as drones have constant surveillance over civilians. Already 18 states have passed laws that require police to obtain a warrant before using a drone for surveillance or searches, according to the National Conference of State Legislatures.  

For more info: https://www.baltimoresun.com/maryland/howard/bs-md-police-drones-20191115-wmhapy5ihnaknesjolxhhip5zq-story.html

Consumer Groups Seek US Government to Block Google-Fitbit Deal

Nine privacy, social justice, and consumer groups are calling for the U.S. government to block Google's $2.1 billion acquisition of fitness-gadget maker Fitbit, citing antitrust and privacy concerns. In a letter to the Federal Trade Commission, the groups wrote Fitbit would help Google to increase its dominance over internet searches, as well as give the tech company another avenue to gather health information.

For more info: https://www.cnbc.com/2019/11/13/privacy-consumer-groups-seek-to-block-google-fitbit-deal-citing-antitrust-and-privacy-concerns.html

Grocery Chain Owner Considers Facial-recognition Payment System

Toronto-based businessman Wei Chengyi is considering introducing facial-recognition payment systems at his Foody Mart grocery stores in Ontario and British Columbia. The technology would capture an image of the shopper's face that is linked to their account and allows them to purchase without a card, cash or phone. Already privacy and human-rights activists have raised concerns over the use of technology as they're worried that a pro-China entrepreneur is looking to bring the technology to Canada.

For more info: https://nationalpost.com/news/pay-with-your-face-ontario-grocery-chain-looks-at-paying-via-facial-recognition

Apple to Conduct Medical Research Using Users Data

Apple has announced plans to launch a research app that would collect user-health data from iPhone and Apple Watch owners for product development. Participants can use their Apple devices to share movement, heart rate, and noise level data to the research and they can do it through everyday activities like walking and running. When announcing the studies, Apple reiterated its commitment to privacy and noted that the Research app shares data with a study only when a user approves it.

For more info https://www.technewsworld.com/story/86364.html

Google's Project Nightingale Gathers Personal Health Data

Google had partnered with Ascension Healthcare, the second-largest healthcare provider in the US, in a venture called Project Nightingale. The main plan behind this project is to transfer personal health data of millions of patients to the giant technology company's cloud-based platforms. Ascension has a Catholic network of 2,600 hospitals, clinics, and other medical outlets. Experts are troubled by the secrecy in which the negotiations had been conducted and the unprecedented nature of the size and type of information being shared.

For more info https://www.protecto.ai/googles-project-nightingale-sparks-privacy-concerns/