Ad industry questions Google's third-party cookie decision

(Jan 17, 2020) Advertisers have questioned Google's decision to phase out third-party cookies, CNBC reports. Association of National Advertisers Group Executive Vice President of Government Relations Dan Jaffe and American Association of Advertising Agencies Executive Vice President of Government Relations Dick O'Brien said in a joint statement advertisers are concerned Google made this decision without consulting the industry and providing any alternatives. "We intend to work with stakeholders and policymaker... Read More

Italian DPA issues 11.5M euro GDPR fine

(Jan 17, 2020) Italian data protection authority, the Garante, has announced an 11.5 million euro fine against gas and electric company Eni Gas e Luce for violations of the EU General Data Protection Regulation. The fine relates to EGL's data processing for telemarketing activities and the activation of unsolicited contracts. In addition to the fine, the Garante has ordered EGL to adopt corrective measures while prohibiting processing data of those on its telemarketing list without explicit consent. (Original ... Read More

FBI nabs website for selling breached records

(Jan 17, 2020) Silicon Republic reports the U.S. Federal Bureau of Investigation has shut down WeLeakInfo.com for selling personal records from data breaches over the last three years. According to the FBI, the website collected personal information from more than 10,000 data breaches and then sold access to the records for as little as $2. Types of records collected and sold included names, email addresses, usernames, phone numbers and unencrypted passwords. Meanwhile, the Federal Trade Commission announced f... Read More

NIST unveils first version of privacy framework

(Jan 17, 2020) The National Institute of Standards and Technology announced the release of the "NIST Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management." Following stakeholder feedback on a draft of the framework, NIST's published framework provides "a useful set of privacy protection strategies" and "clarification about privacy risk management concepts." NIST Director Walter Copan said, "Privacy is more important than ever in today’s digital age. The strong support the Privacy ... Read More

EU regulators eyeing clampdown on digital assistants

(Jan 17, 2020) Bloomberg reports EU privacy regulators have their sights set on policing voice assistants following allegations of workers snooping on users. Luxembourg National Data Protection Commission President Tine Larsen has indicated regulators are working toward a unified approach to regulating big tech companies' voice assistant programs. "Because it’s a question of principle, the members of the (European Data Protection Board) should work out a common position in line with the consistency mechanism t... Read More

Competition Bureau investigates political parties' use of personal data

(Jan 17, 2020) Following a complaint by the Centre for Digital Rights, the Competition Bureau of Canada is looking into the Liberal, Conservative and New Democratic political parties for unregulated harvesting and misuse of Canadians’ personal information, CTV News reports. The center’s complaint alleges the parties engaged in “big data mass surveillance and harvesting techniques” and “large scale misuse of big data and targeted digital advertising.” Competition Bureau Senior Communications Advisor Marie-Chris... Read More

FRA publishes guidance for Eurodac fingerprint processing

(Jan 16, 2020) The European Union Agency for Fundamental Rights has released guidance for data processing related to fingerprints for the European Asylum Dactyloscopy system. The guide aims to help officers explain the Eurodac processing to asylum applicants and detained migrants, who have "the right to understand who is processing their personal data and why." Specific information officers are required to deliver to data subjects and data collection procedures for children are outlined in the guidance.Full St... Read More

NPC warns ride-hailing service of data security problems

(Jan 16, 2020) The Manila Times reports the Philippines National Privacy Commission has called on ride-hailing service Grab Philippines to improve its data security measures. The NPC cited issues with Grab's recent updates to its passenger verification system and a test program for in-car audio and video recordings. NPC Compliance and Monitoring Division Chief Olivia Khane Raza said, "To avoid serious breaches of privacy, the commission must ensure that their new system is compliant with the Data Privacy Act a... Read More

Belgian DPA to look at supermarket's fingerprint payment system

(Jan 16, 2020) The Brussels Times reports the Belgian data protection authority, Gegevensbeschermingsautoriteit, is planning an investigation into supermarket chain Carrefour's fingerprint payment system. The GBA initially asked questions about the system, which violates the EU General Data Protection Regulation if consumers don't consent to the data collection, before Carrefour revealed it had already implemented the program. "There are exceptions, but people have to explicitly give their consent in those cas... Read More

Why companies ask for more info before fulfilling data requests

(Jan 16, 2020) The New York Times reports on the additional information consumers are asked to produce to exercise their data access rights. Vendors that facilitate data subject access requests may ask for methods of verification, such as government ID or a picture of the person who made the request. While there may be concerns over handing over more information, organizations are required to verify the identity of the requester under the California Consumer Privacy Act and other laws. The verification issue a... Read More