MediaPro_Ldbd_08_18_16
OneTrust_Banner-ad-demo
BNA_PA_09_16_Privacy Laws-728x90
PrivacyTraining_ad300x250.Promo1-01

DPC16_Banner_300x250-COPY

(Aug 31, 2016) While the Privacy Shield agreement recently negotiated between EU and U.S. governments may face skepticism in the marketplace, it is another legal mechanism that poses the biggest threat for transatlantic data flows. According to the results of a comprehensive survey of 600 privacy professionals by the IAPP, more than 80 percent of companies currently rely on pre-approved “standard contractual clauses” to transfer data from the EU to the U.S. Yet these clauses are currently subject to a legal at... Read More

Daily Dashboard

Web conference: ‘Privacy and Security — How to Maximize Both’

(Aug 31, 2016) Personal and sensitive data needs to be protected from unauthorized access and malicious intent, but it also needs to flow to provide value to the consumer and the organization. So who should have access to what types of data and when? How do you balance regulatory requirements against pressing business needs? Who makes these calls, and how can the security and privacy teams get on the same page and work together in a coordinated, efficient way for the benefit of the business? This practically oriented web conference, “Privacy and Security — How to Maximize Both for the Benefit of Your Organization,” spotlights two senior level data professionals about how they have structured departments, policies and procedures within their organizations. Read More

Daily Dashboard

Hackers dump data from Dropbox’s 2012 hack online

(Aug 31, 2016) Unidentified hackers have dumped the stolen user passwords and emails from more than 68 million Dropbox users online, the Guardian reports. The data was from a 2012 hack that Dropbox had then reported only included passwords, and at the time compromised more than two-thirds of its customer base, the report states. “The hack highlights the need for tight security, both at the user end — the use of strong passwords, two-step authentication and no reuse of passwords — and for the companies storing user data,” the report adds. “Even with solid encryption practices for securing users’ passwords, Dropbox fell [a]foul of password reuse and entry into its company network.” Read More

Daily Dashboard

FBI director: Tech companies use encryption as marketing tool, not a security one

(Aug 31, 2016) At the 2016 Symantec Government Symposium, FBI Director James Comey discussed the problems of encryption by default and the need for a backdoor, maintaining that tech companies tout encryption not for security’s sake but for marketing’s, The Daily Dot reports. "What has happened in the three years I've been Director [of the FBI], post-Snowden, is that that dark corner of the room, especially through default encryption, especially through default encryption on devices, that shadow is spreading th... Read More

Daily Dashboard

EU regulators to look at Facebook-WhatsApp changes

(Aug 31, 2016) Fall out from recently announced plans for WhatsApp to share user data with parent company Facebook continue. The Wall Street Journal reports the Article 29 Working Party said it is following changes to WhatsApp’s privacy policy “with great vigilance.” Additionally, privacy advocates, including the Electronic Privacy Information Center and the Center for Digital Democracy, have filed a complaint with the U.S. Federal Trade Commission, arguing proposed changes that allow it to use WhatsApp user d... Read More

Daily Dashboard

Google, Amazon offer to build Wall Street database

(Aug 31, 2016) Major tech companies are vying for the right to build a new database for the Securities and Exchange Commission designed to track stock and options trading from exchanges and broker-dealers on a daily basis, Bloomberg reports. Amazon and Google’s parent company, Alphabet Inc., are looking to help build the Consolidated Audit Trail database, designed to host exchanges in the cloud, but will also hold personal information on more than 100 million customer accounts. Brokers and bankers are concerne... Read More

Daily Dashboard

Google reaches $5.5M settlement on Safari class action

(Aug 31, 2016) SiliconBeat reports Google has agreed to pay a $5.5 million settlement in a class-action suit that resulted from cookie placement that worked around Apple Safari do-not-track settings. The lawsuit suggested Google collected the user data to boost ad revenue. “Behaviorally targeted advertisements based on a user’s tracked internet activity generally sell for at least twice as much as non-targeted, run-of-network ads,” the suit said. The settlement money will be sent to six technology and privacy ... Read More

Daily Dashboard

Yahoo email scanning settlement garners criticism

(Aug 31, 2016) Ars Technica reports Yahoo has agreed to a settlement on its alleged scanning of user emails, but is making no plans to stop the practice. The tech giant was accused of scanning emails without user consent. The lawsuit was one of six requesting Yahoo to halt its monitoring activities. The settlement awarded $4 million, but none of it will go to the public, with the entirety of the award going to lawyers. The settlement also allows Yahoo to continue to look over user emails without non-Yahoo users’ consent. Yahoo now agrees to only scan the emails when they are on its servers, not while they are in transit. Read More

Daily Dashboard

The FAA’s de facto drone privacy standards are in effect

(Aug 30, 2016) The Federal Aviation Administration’s long-awaited small unmanned aircraft systems rule went into effect yesterday. While the rule addressed drone safety, and contained no privacy-specific standards, Lisa Ellman and Jared Bomberg of Hogan Lovells write for Privacy Tracker that the rules have real privacy implications: "These rules, coupled with state and local UAS privacy laws and general rules that prohibit unfair or deceptive acts or practices, peeping Toms, trespassing and nuisance, as well as voluntary industry commitments regarding privacy, provide a glimpse into what the near-term privacy landscape for civil drones looks like.” Read More

Daily Dashboard

Building a program? Better get your internal audit game right

(Aug 30, 2016) It can be challenging for a business to correctly identify its unique privacy risks and the sufficiency of any safeguards in place to manage those risks. That’s where a well- developed internal-audit function is essential, writes Sara van Spronsen in this exclusive for The Privacy Advisor. “Without the independence, skills and expertise, and cross-border abilities of a well-developed internal audit function, an organization may find itself struggling to provide the necessary substance to back its privacy policy and meet the privacy needs of its customers, vendors and stakeholders,” van Spronsen writes. Read More

Daily Dashboard