Privacy class-action lawsuit over employee fingerprint scans

(Jul 17, 2019) A class-action lawsuit has been filed against Saporito Finishing alleging violation of the Illinois Biometric Information Privacy Act, the Cook County Record reports. Plaintiff Elliot Smart alleges the metal-finishing company made employees clock in and out of work using their fingerprints without obtaining permission or consent as required by law. Smart also claims the company never informed him how the company stores the information. He is seeking damages of $1,000 to $5,000 per violation. The... Read More

The Privacy Advisor Podcast: CCPA co-architect on this week's amendments

(Jul 12, 2019) There's no question that the California Consumer Privacy Act has captured the attention of not only U.S. stakeholders, but global counterparts, as well. Perhaps even more concerning to companies aiming to comply with the law before it becomes effective in 2020 is the uncertainty surrounding the seemingly endless number of amendments being considered by California's legislature. How do you prepare to comply with a law that's not fully baked? In this episode, co-author of the CCPA ballot initiativ... Read More

Roundup: Brazil, Canada, France, Germany, Rwanda, US and more

(Jul 1, 2019) In this week’s Privacy Tracker global legislative roundup, discussions on the EU-U.S. Privacy Shield are set to ramp up. Google is being accused of privacy violations with lawsuits in France and the U.S. A Massachusetts city joined San Francisco in banning government use of facial-recognition surveillance. Rwanda approved new cybersecurity and data protection measures in the African Union Convention. Concerns over the potential weakness of the California Consumer Privacy Act are rising. And the ... Read More

US Senate report criticizes federal agencies' data protection track record

(Jun 26, 2019) A report published Tuesday by the U.S. Senate Committee on Homeland Security and Governmental Affairs shows several government agencies have not effectively protected the personal data of U.S. citizens over the last decade, ABC News reports. The report reveals the findings of a review of inspector general reports from the last 10 years at the Departments of Homeland Security, State, Transportation, Housing and Urban Development, Agriculture, Health and Human Services, Education and the Social Se... Read More

Ill. Legislature passes Artificial Intelligence Video Interview Act

(Jun 25, 2019) The Illinois Legislature has passed the Artificial Intelligence Video Interview Act, according to Hunton Andrews Kurth's Privacy & Information Security Law Blog. State employers cannot use AI to evaluate job interview videos under the law unless they obtain consent prior to the interview, as well as inform the candidate AI may be used to analyze the video, about how the AI works, and about the types of characteristics it will examine. Employers are not allowed to share the videos “except wit... Read More

CNIL fines company 20K euros for illicit employee surveillance

(Jun 18, 2019) France’s data protection authority, the CNIL, fined Uniontrad Company 20,000 euros for the video surveillance systems it set up to monitor its employees. Staff members filed complaints with the CNIL between 2013 and 2017 over the filming. The CNIL conducted an investigation in February 2018, when it found the cameras not only recorded employees’ activities continuously, but staff members were also never told exactly what was chronicled. The CNIL ordered Uniontrad to change its practices; however... Read More

NSHA hit by phishing attack

(Jun 14, 2019) The Nova Scotia Health Authority was impacted by a phishing attack that compromised an employee’s email account, Global News reports. NSHA Director of Privacy Karen Hornberger said the employee entered their credentials into a malicious link that allowed hackers to access the staff member’s inbox. The health care organization is in the process of notifying the 2,841 people who had their information exposed. Nova Scotia Information and Privacy Commissioner Catherine Tully said she was surprised a... Read More

Defendants file for dismissals in Illinois case of employee biometric scans

(May 24, 2019) Northwestern Memorial Hospital and a pair of medical vendors are calling for the U.S. District Court for the Northern District of Illinois to dismiss a putative class action against them regarding possible unlawful biometric scanning of employees, the Cook County Record reports. Two workers at two hospitals in Northwestern's system are claiming Northwestern violated the Illinois Biometric Information Privacy Act by not disclosing or obtaining consent for the sharing of fingerprint scans with Omn... Read More

Australian man wins landmark privacy case against employer

(May 23, 2019) Jeremy Lee from Queensland, Australia, won a landmark case against his employer after he was fired for refusing to use his fingerprint to clock in and out of work. He sued for unfair dismissal and claimed his right to deny consent to the use of his biometric data was protected under the country’s Privacy Act. The court overruled an earlier decision that the company’s fingerprinting policy was reasonable. The upper court ruled that Lee is the owner of his biometric data and the dismissal was unfa... Read More

Why Cross-Device Tracking May Put Company Data at Risk

(May 20, 2019) This article from SHRM looks at how cross-device tracking affects HR and IT professionals who are tasked with keeping data secure. The article breaks down cross-device tracking and offers ways to help combat the risks involved.  Click To Download... Read More