ABC's of Privacy This Week - April 1, 2020

Applaud

• CSE urges COVID-19 researchers to protect data

According to The Globe and Mail, Canada’s Communications Security Establishment, a federal intelligence agency, is urging COVID-19 researchers to protect personal details as “sophisticated threat actors” may look to steal “key research toward a vaccine.”

For more info: https://www.theglobeandmail.com/canada/article-spy-agency-warns-canadas-coronavirus-researchers-to-look-out-for/

• Apple’s Safari blocks third-party cookies.

According to The Verge, Apple’s Safari now blocks all third-party cookies. The company has recently updated Safari’s Intelligent Tracking Prevention, the privacy feature that allows the web browser to block cookies. ITP also has safeguards against tracking users through digital fingerprints.

For more info: https://www.theverge.com/2020/3/24/21192830/apple-safari-intelligent-tracking-privacy-full-third-party-cookie-blocking

• CNIL discusses BYOD best practices

The CNIL, France’s data protection authority, has published its guidance on best practices for privacy and data security associated with the concept of bring-your-own-device or BYOD. The CNIL has also noted that employers are responsible for the security of company data stored on devices that are not their own. Additionally, CNIL also recommended that all BYOD issues can be reduced by risk assessment and formalized measures within security policies. (The original post is in French)

For more info: https://www.cnil.fr/fr/byod-quelles-sont-les-bonnes-pratiques

Data Breaches

• Data breach impacts GE employees

According to Tech Radar, personal information of General electric employees, both current and former, was exposed in a data breach at one of the company’s service providers. From the 3^rd to the 14^th of February 2020, an unauthorized party accessed a Cannon Business Process Services employee email account containing the documents with names, addresses, social security numbers, passport, and bank account numbers of current GE employees, former employees, and beneficiaries. GE is reportedly taking preventative measures after the breach.

For more info: https://www.techradar.com/nz/news/general-electric-suffers-data-breach-after-service-provid

Current News

• Dutch DPA examining the auto industry’s GDPR compliance

Autoriteit Persoonsgegevens, the Dutch data protection authority, announced that it had begun an investigation into EU GDPR (General Data Protection Regulation) compliance of automobile companies. The study will reportedly focus on whether the manufacturers have violated GDPR compliance with their work on connected vehicles. While the goal is to have a report by end of summer, the AP admits that the release might be delayed due to the effect of COVID-19. (The original article is in Dutch)

For more info: https://autoriteitpersoonsgegevens.nl/nl/nieuws/ap-kijkt-naar-nederlandse-autofabrikanten

• Trudeau-Canada will not use location data to track COVID-19 for now.

CBC News reports, Justin Trudeau, the Prime Minister of Canada, has said that Canada is not considering using location data to track COVID-19 as of now. However, he also made a point to ensure that he recognizes that in an emergency, they might need to take specific steps not required in non-emergency.  For more info: https://www.cbc.ca/news/politics/cellphone-tracking-trudeau-covid-1.5508236

‍