Welcome to our weekly privacy newsletter to read the latest privacy-related news from across the globe. We classify our weekly privacy newsletter into three parts namely Applause, Breaches and Current News (ABC's) of Privacy news. For any feedback on our weekly newsletter, please feel free to send your comments to social@oneDPO.com.
Kenyan President Uhuru Kenyatta has approved a new data protection law which complies with EU legal standards. The new law sets out restrictions on how personal data obtained by firms and government entities should be handled, stored and shared. This move is set to bolster investment and trust in its information technology sector.
On Tuesday, two congresswomen Anna Eshoo and Zoe Lofgren from Silicon Valley introduced a new online privacy bill that proposed a federal enforcement agency to protect privacy rights across the USA. The new bill proposes the creation of the Digital Privacy Agency (DPA) that would have the power to enforce privacy rights for users and make sure companies follow the law. The bill also grants users the right to access, correct, delete, transfer personal data and choose for how long a company can keep the data. Companies should also get the consent of the user before using the data for machine learning or artificial intelligence algorithms.
Capital One data breach hasaffected more than 106 million consumers across the globe. The bank has removedits Chief Information Security Officer Michael Johnson in the wake of thebank's massive data breach. Mike Eason has been named interim CISO. The bankwas reportedly experiencing cybersecurity issues before the breach and has seenits staff shrink in the months that followed the incident.
Facebook discloses that as many as100 software developers may have improperly accessed user data, including thenames and profile pictures of people in specific groups on the socialnetwork. The company said it has removedthis access and reached out to 100 developer partners who may have accessed theinformation in the last 60 days. However, the company did not state how manyusers were affected.
The Spanish data protection authority has fined Madrile'a Red de Gas for violations of the EU General Data Protection Regulation. The 12,000 euros fine was levied on the gas company for failing to have proper measures in place to validate a data subject's identity. The complainant alleges the company sent out their information to a third-party via email in response to an inquiry.
For more info: https://www.aepd.es/resoluciones/PS-00188-2019_ORI.pdf
Computer vision company Trueface has been awarded its secondcontract for biometric facial recognition technology from the U.S. Air Force,to help secure base access and safety. Using artificial intelligencetechniques, Trueface transforms camera data into actionable intelligence tomake your environments safe. It will be deployed at military bases across theUSA to speed up the entry process and enhance base security.
The Polish Personal DataProtection Office (PDPO) has issued a PLN 201,000 fine against ClickQuickNowfor alleged violations of the EU GDPR. The PDPO found the company did not havethe proper measures in place to allow users to withdraw consent, nor did itgive users data erasure rights. It further gave ClickQuickNow 14 days from thedelivery date of the notice to comply with the decision.
For more info: https://www.uodo.gov.pl/en/553/1092
As Indiaprepares to install a nationwide facial recognition system to catch criminalsand find missing children, human rights and technology experts warned of therisks to privacy from increased surveillance. This surveillance system reporthas little information on where it will be deployed, what the data will be usedfor and how data storage will be regulated. Experts feel without a dataprotection law and an electronic surveillance framework, it can lead to socialpolicing and control.