Welcome to our weekly privacy newsletter to read the latest privacy-related news from across the globe. We classify our weekly privacy newsletter into three parts namely Applause, Breaches and Current News (ABC's) of Privacy news. For any feedback on our weekly newsletter, please feel free to send your comments to social@oneDPO.com.
Applause
California Proposes Guidance for Privacy Law
California Office of the Attorney General addressed methods for handling and verifying consumer requests, training, recordkeeping, and the special statutory provisions concerning minors. Following CCPA's footsteps, The New York Stop Hacks and Improve Electronic Security Data Act (SHIELD Act) is set to take effect from March 21, 2020. The SHIELD law amends the current New York breach notification statute and increases data security protections.
For more info: https://www.journalofaccountancy.com/news/2019/nov/proposed-guidance-california-consumer-privacy-act-201922530.html
Breaches
T-Mobile Data Breach Affects More Than One Million Prepaid Users
The US telecom giant T-Mobile has confirmed that it suffered a data breach,which compromised the personal data of over a million customers. Though the information exposed did not include anyfinancial information, social security numbers or password data, otherimportant information like users' names, billing addresses, phone numbers,account numbers and plan information were compromised.
For more info: https://www.pymnts.com/news/security-and-risk/2019/t-mobile-data-breach-puts-personal-data-of-1m-customers-at-risk/
Smartphone Maker OnePlus Reports Data Breach
India's cybersecurity agency CERT-In claimedthat less than 3K Indian customers were exposed in the recent OnePlus securitybreach. The cybersecurity body further stated that the users may receive spamand phishing emails as a result of this incident. As a precautionary measure,the OnePlus users were advised to change their account passwords with a strongpassword.
For more info: https://inc42.com/buzz/oneplus-security-breach-impacted-data-of-3k-indian-users-cert-in/
Current News
Spanish DPA Issues Fine for GDPR Violations
TheSpanish data protection authority has fined Corporaci'nde Radio y Televisi'n Espa'olafor alleged violations of the EU General Data Protection Regulation. A fine of60,000 euros was levied on the company for failing to comply with Article 32 of the GDPR after itlost devices that contained sensitive personal information.
For more info: https://iapp.org/news/a/spanish-dpa-issues-60k-euro-fine-for-gdpr-violations/
Turkish DPA Can Now Lodge Criminal Complaints Over Data Breaches
The Board for Protection of Personal Datawill now be able to make criminal complaints against those who use softwareprograms or applications that access the personal data of the public. Acriminal complaint can be made against the users against those who violate dataprotection and the necessary legal proceedings can be initiated along with anadministrative fine up to TL 1 million.
For more info: https://www.dailysabah.com/turkey/2019/11/21/criminal-complaints-to-be-lodged-over-personal-data-breaches
Mozilla Publishes Privacy-focused Gift Guide
Navigating the privacy terms for every single techproduct can be a confusing maze and figuring out security standards for thesegadgets can be even more difficult. Mozilla published its annual 'Privacy NotIncluded gift' guide, with ratings on the security of 77 products -- from smartspeakers to fitness trackers -- along with a review of how the devices shareyour data. Out of hundreds of products, only sixty-two products met Mozilla's minimum-securitystandards.
For more info: https://foundation.mozilla.org/en/privacynotincluded/
Chaayos Under Fire for Using Insecure Facial Recognition Tech
Chaayos, the multi-city chain of tea cafes based out of India, is under fire on social media for employing facial recognition, allegedly without customer consent. Questions were raised about how Chaayos has implemented the technology. Reacting to the backlash, in an official statement, Chaayos said that it does not use or process this information for any other purpose. This action has pushed for an effective data protection bill in India.
