ICO launches data awareness campaign

(May 9, 2019) The U.K. Information Commissioner's Office announced the creation of the "Be Data Aware" campaign, which will work to explain to people how they are targeted online and how they can control who targets them. The campaign will also cover what data is being used by organizations in targeting efforts and help people understand how the data is used through online advertising and marketing. "Our goal is to effect change and ensure confidence in our democratic system," ICO Information Commissioner Eli... Read More

Norwegian Supervisory Authority fines municipality 170K euros for GDPR violations

(May 9, 2019) The Norwegian Supervisory Authority, Datatilsynet, fined the municipality of Bergen 170,000 euros for violations of the EU General Data Protection Regulation. An investigation found the usernames and passwords of 35,000 primary school students and employees were left unprotected and openly accessible. Datatilsynet determined the municipality did not have the proper security measures in place and had violated both Articles 5(1)f and 32 of the GDPR. Users’ names, dates of birth, passwords, school ... Read More

Cranor named to Carnegie Fellows program

(Apr 24, 2019) Carnegie Mellon University's CyLab Privacy and Security Institute Director Lorrie Cranor, CIPT, has been named to the Class of 2019 Andrew Carnegie Fellows, according to a release from the university. Cranor was chosen as one of this year's 32 fellows, selected from nearly 300 nominations. Cranor has drawn up 150 papers on privacy and security that champion usability as a key element to making modern technology more safe, secure and privacy aware. Writing the book "Security and Usability" and cr... Read More

Georgetown, MIT to host privacy law presentation

(Apr 24, 2019) Law students from Georgetown University and engineers from the Massachusetts Institute of Technology are joining forces on solutions for U.S. privacy legislation at the Privacy Legislation Pitch Presentations Thursday on the 12th floor of the Gewirz Building on the Georgetown Law campus. Students from Georgetown Law's Federal Legislation Clinic and MIT's Internet Policy Research Initiative will form interdisciplinary groups that will go before a panel to present draft legislation related to poli... Read More

University settles $5.26M class action over hard drive theft

(Apr 22, 2019) Washington State University has negotiated a $5.26 million settlement over a potential data breach from 2017, The Spokesman-Review reports. The possible breach involved a stolen hard drive featuring the personal information of nearly one million people. Plaintiffs in the class suit claimed the burglary, which is still unsolved, was due to the university's negligent storage of the hard drive in an unsecure area. “While Washington State University disputes the claims made in the suit, the universi... Read More

Debate on whether GSA membership for teens should be private rises in Alberta

(Apr 12, 2019) CBC Kids News reports on the debate as to whether students who join gay-straight alliances in Alberta schools can keep their membership private. United Conservative Party of Alberta Leader Jason Kenney wants to change current rules that do not require Alberta students to disclose their GSA membership to their parents should his party win the provincial election April 16. Kenney supports GSAs in schools; however, he believes parents could help their children in situations where they are bullied o... Read More

ACLU: Increasing student surveillance is no solution

(Apr 8, 2019) In a blog post for the American Civil Liberties Union, Senior Advocacy and Policy Counsel Chad Marlow writes that the call for more school surveillance in the recently released Principles for School Safety, Privacy, & Equity will not help but ultimately hurt efforts to improve safety. "While the document sets forth some valuable standards, it also inadvertently provides cover for lawmakers and school officials to adopt student surveillance and policing measures that — contrary to the title o... Read More

Registration open for seventh annual IViR privacy course

(Apr 3, 2019) The University of Amsterdam’s Institute for Information Law has opened registration for its seventh annual Summer Course on Privacy Law and Policy, which will take place from July 1 to 5. Intended for those who work in the areas of privacy and data protection, the course will cover privacy law and policy related to the internet, electronic communications and social media, as well as trends and developments in the field. It will be taught by European and U.S. academics, regulators and practitione... Read More

Georgia Tech data breach affects 1.3M people

(Apr 3, 2019) Approximately 1.3 million people associated with Georgia Tech are victims of a personal data breach, EdScoop reports. An outside hacker accessed a database containing names, addresses, Social Security numbers and birthdates of current and former faculty, students, staff and applicants. Georgia Tech discovered and responded to the hack at the end of March, but the school is still investigating the full details of the breach, including the exact information and people involved. The incident comes ... Read More

Schools should take an interest in CCPA

(Apr 1, 2019) Colleges and universities have a large amount of student data in their possession, and now those institutions have to deal with the California Consumer Protection Act. The CCPA may be the most challenging form of data protection regulations colleges and universities have had to face since the Family Educational Rights and Privacy Act of 1974. In this article for The Privacy Advisor, Joshua Metayer, CIPP/US, writes about what these institutions of higher learning need to know as they get ready fo... Read More