BNA_PA_09_16_Privacy Laws-728x90


(Aug 25, 2016) Welcome to this week’s privacy news from our region and beyond. The big ticket item in Australia (and Canada!) this week has been the release of the findings of the joint investigation by Australia’s and Canada’s Privacy Commissioners into the Ashley Madison website (following its well-publicised hacking last year). Commentators have described the Commissioners’ findings about the website’s security and privacy practices as “scathing.”   Leaving aside the moral question of whether a website th... Read More

Asia-Pacific Dashboard Digest

Victorian foster care system breaching children’s data for more than 10 years

(Aug 25, 2016) Three out of four Victorian child protection department divisions have breached the privacy of children in its care for more than ten years, The Age reports. Should a breach subject discover their information was vulnerable, the agency would either pay the victim off or provide upgrade security tools for his or her home, the report states. “As a result of the disclosures there have been reports of children being threatened, carers being harassed at their homes and receiving menacing phone calls ... Read More

Asia-Pacific Dashboard Digest

Justice minister announces proposed prisoner monitoring law

(Aug 25, 2016) New Zealand Justice Minister Amy Adams has announced a new proposed bill that will track prisoners in real-time, to prevent them from escaping prison under an assumed name, reports. Some government officials deemed the proposed law, dubbed the Enhancing Identity Verification and Border Processes Legislation Bill, necessary after jailed murderer and pedophile Phillip John Smith fled the country on work release. "You tend to get ... a concern about potential privacy breaches, but my view is that public safety and law enforcement have to be the overriding criteria and if we have to amend the law to make that clear, then that's certainly something I'm prepared to advance,” Adams said. Read More

Asia-Pacific Dashboard Digest

PwC acquires to prepare for Privacy 2.0

(Aug 25, 2016) The age of privacy as a matter of policy and law is over. Now dawns the age of privacy as a technical matter, of automation, operations, and execution. At least that’s how PwC sees things, and that has fueled a pair of acquisitions in the identity and access management market, which will be bolted on to PwC’s growing cybersecurity, privacy and data protection practice. IAPP Publications Director Sam Pfeifle talks with PwC and the CEO of Everett, PwC’s latest buy, about why “if you don’t have deep technical expertise, such as about how biometric authentication works in a technical sense, you don’t have any future in the market.” Read More

Asia-Pacific Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

WhatsApp to begin sharing user data with Facebook

(Aug 25, 2016) The New York Times reports WhatsApp will start sharing user information with Facebook. The messaging app plans to send members’ phone numbers and analytics data to the social network, marking the first time WhatsApp has connected user accounts to Facebook. WhatsApp said neither company would be able to view users’ encrypted messages, and promised not to share phone numbers with advertisers. “Our values and our respect for your privacy continue to guide the decisions we make at WhatsApp,” Co-foun... Read More

Asia-Pacific Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Sony adds two-factor authentication for PlayStation Network

(Aug 25, 2016) ZDNet reports Sony has implemented two-factor authentication to its PlayStation Network. PlayStation and PSP owners can now connect their accounts to their smartphones and tablets. When logging into the PlayStation Network, a code will be sent to the chosen device, and the user must submit the code in order to access their account. The authentication system makes it harder for hackers to access the network. Implementing two-factor authentication is a response to the massive data breach the PlayStation Network suffered in 2011, where the names, dates of birth, and credit card numbers of 77 million users were compromised. Read More

Asia-Pacific Dashboard Digest, Daily Dashboard

Canada, Australia: Ashley Madison misled consumers

(Aug 24, 2016) The lead privacy regulators of Canada and Australia have released the results of their joint investigation into the Ashley Madison data breach. The investigation revealed Ashley Madison had “inadequate security safeguards and policies” and misled users with a “phony trustmark icon” on the site’s homepage, The Globe and Mail reports. The Privacy Commissioner of Canada requires Ashley Madison to build better security systems and offer users more control of their data. “The most broadly applicable ... Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard

Mozilla invests in privacy search engine Cliqz

(Aug 24, 2016) reports Mozilla has invested in the privacy-focused search company Cliqz, which is majority owned by Hubert Burda Media. The search engine is currently available as a free add-on for Firefox, where “no personally identifiable information is transmitted or saved on its servers.” Cliqz also has its own standalone browser, with search built in. “Mozilla is the ideal company for Cliqz to work with because we both believe in an open Internet where people have control over their data. Data an... Read More

Asia-Pacific Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Google announces de-ranking of sites with obstructive mobile ads

(Aug 24, 2016) CNET reports Google will begin penalizing mobile sites with pop-up ads covering the “main content” of a page, requiring users to close them before accessing content. "Pages that show intrusive interstitials provide a poorer experience to users than other pages where content is immediately accessible," Google Product Manager Doantam Phan wrote in a blog post. "This can be problematic on mobile devices where screens are often smaller. To improve the mobile search experience, after January 10, 2017, pages where content is not easily accessible to a user on the transition from the mobile search results may not rank as highly." Read More

Asia-Pacific Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Study: Business email compromise costs $3B in damage worldwide

(Aug 23, 2016) A new report from Trend Micro reveals an oft-underreported scam has bilked more than $3 billion from businesses around the world, The Hill reports. “Business email compromise” — a method by which adversaries use email to trick employees into wiring company funds — has affected approximately 22,000 organizations, according to the FBI, since the beginning of 2015. Trend Micro tracked more than 2,000 BEC incidents in the U.S. and found that attackers often closely research a given target. An adversary may research a company’s legal settlement and imitate the law firm’s email account, for example. Trend Micro Chief Cybersecurity Officer Ed Cabrera said, “BEC doesn’t fall in line with data breach laws — it’s just a digital con game. And unlike other attacks, it does not cause a loss of operational time.” Read More

Asia-Pacific Dashboard Digest, Daily Dashboard, Europe Data Protection Digest