April 27, 2020
Welcome to our weekly privacy newsletter to read the latest privacy-related news from across the globe. We classify our weekly privacy newsletter into three parts namely Applause, Breaches and Current News (ABC's) of Privacy news. For any feedback on our weekly newsletter, please feel free to send your comments to social@oneDPO.com.
The long-awaited Personal Data Protection Bill, 2018 is likely to be brought to the floor in the upcoming winter session of the Indian Parliament. The proposed bill introduces provisions related to privacy by design, conditions for cross-border data transfer and appointing data protection officers, making it vastly different from the existing data protection framework.
For more info: https://iapp.org/news/a/preparing-for-indias-new-data-protection-framework/
Montreal-based Desjardins databreach has affected all of the financial cooperative's 4.2 million members,prompting government reforms to protect personal information in the Canadianprovince of Quebec. An internal probe revealed that the reason behind the databreach is due to the unauthorized use of internal data by an employee which ledto the breach of personal information, including social insurance number,address and details of banking habits.
UniCredit, one of Italy's top bank,has uncovered a data breach involving the personal records of 3 milliondomestic clients. The lender said in a statement on Monday the compromisedrecords contained no details, that would allow access to customer accounts orfor unauthorized transactions to be carried out. An internal probe is ongoingand a spokesman for UniCredit said no further details could be disclosed on howthe breach happened.
For more info: https://www.reuters.com/article/us-unicredit-cyber/unicredit-identifies-data-breach-in-italian-client-records-idUSKBN1X70HM
Indian-based educational technologyfirm Vedantu faced a data breach in the last week of September, which riskeddata of more than 680,000 customers. The vulnerability exposed customer detailssuch as email ids', names and phone numbers. The company confirmed that thevulnerability was fixed within a few days and the affected customers wereinformed about the attack and advised to change their passwords.
For more info: https://tech.economictimes.indiatimes.com/news/internet/vedantus-data-breach-risked-680000-customers-data/71882087
The Austrian data protectionauthority (DPA) imposed an administrative fine of 18 million euros on 'sterreichischePost AG ('PAG) after conducting administrative fine proceedings. The fine wasbased on the evidence that 'PAG had violated the GDPR by processing personaldata on the alleged political association of affected data subjects.
For more info: https://edpb.europa.eu/news/national-news/2019/administrative-criminal-proceedings-austrian-data-protection-authority_en
Alphabet, Google's parent company announced on Friday that it is acquiring San-Francisco based smartwatch maker Fitbit for $2.1 billion. Fitbit has also issued a statement that Google was paying $7.35 per share in cash. The deal will likely face scrutiny over how Google plans to use the data Fitbit users have shared. Google has assured its Fitbit users that it will provide tools to review, move, and delete their data.
For more info: https://www.protecto.ai/is-fitbit-users-data-safe-with-google/
A conference in Vancouver showcased a product demonstration ofSnapPay Grocers which enables you to pay your monthly grocery bills using thefacial recognition technology. Privacyadvocates are cautious about the deployment of the technology as the grocerystore itself plans to store and process the collected data. This could lead toa potential data breach without proper implementation and security measures.
Singapore's Personal Data Protection Commission imposed fines against eight companies for violations of the Personal Data Protection Act. The highest financial penalty of $90,000 was levied on Ninja Logistics for failing to put in place reasonable security arrangements to protect customers' data, allowing the data to be accessed publicly.
Formore info: https://www.pdpc.gov.sg/pdpc/news/latest-updates/2019/11/new-commissions-decisions-on-4-november-2019
Raiffeisen Bank S.A. and Vreau Credit S.R.L were imposed an administrative fine of 150,000 Euros by the National Supervisory Authority. The breach of security happened when employees of Raiffeisen Bank S.A., transmitted the information to the employees of the company Vreau Credit S.R.L. through the WhatsApp mobile application, to determine the eligibility of the respective individuals. Moreover, the information was shared between the companies without the consent of the customers.
For more info: https://edpb.europa.eu/news/national-news/2019/romanian-supervisory-authority-fines-artmark-holding-srl_en
We take privacy seriously. While we promise not to sell your personal data, we may send product and company updates periodically. You can opt-out or make changes to our communication updates at any time.