OPC finds company's use of Facebook profiles violated Canadian privacy law

(Jul 20, 2018) In a news release, the Office of the Privacy Commissioner of Canada announced New Zealand–based social network and search engine startup Profile Engine violated Canadian privacy law when it scraped public profiles of approximately 4.5 million Canadians for reuse on its own site. The company has claimed it has profile information of more than 420 million people. Though Profile argued the information was public and that consent was not needed, the OPC's "investigation determined that was not the c... Read More

Senators: Privacy law must keep up with tech

(Jul 20, 2018) In a column for the Toronto Star, Sens. Art Eggleton and Raymonde Saint-Germain opine that Canadian privacy law is not keeping up with advancing technology. Citing a survey conducted by the Office of the Privacy Commissioner of Canada, which found 74 percent of respondents felt they had less protection of their personal information than a decade prior, and in conjunction with the Facebook-Cambridge Analytica revelations, "Canadians are right to be concerned," they write. "Canada needs to model i... Read More

Man sues Facebook $500K for 'anxiety' from Cambridge Analytica revelations

(Jul 20, 2018) A man from Toronto is suing Facebook $500,000 for the Cambridge Analytica data-sharing revelations, IT Business Canada reports. Alfonzo Mattucci filed suit against the company over claims he has received hundreds of unsolicited calls and emails since the incident. A lawyer for Mattucci said his client was notified twice from Facebook that his "personal information had been improperly accessed and shared with Cambridge Analytica without his consent or knowledge." Darryl Singer, Mattucci's lawyer,... Read More

ICO issues 200,000 GBP fine for identifying email recipients' identities

(Jul 19, 2018) The U.K. Information Commissioner’s Office fined the Independent Inquiry into Child Sexual Abuse 200,000 GBP for sending a bulk email that identified possible victims of non-recent child sexual abuse. The fine follows 22 complaints made to ICO after an IICSA staff member mistakenly placed email addresses in the "to" field rather than the "bcc" field when sending an email notice to participants. In sending the email, IICSA made it possible for recipients to identify 52 people whose full names wer... Read More

Singer wins privacy case against BBC

(Jul 19, 2018) Sir Cliff Richard, a musician, has won his privacy case against the BBC for its coverage of a police raid on his home. The U.K. High Court awarded Richard 210,000 GBP. The raid was conducted in 2014 as part of an investigation into child sex allegations. The judge of the case said a suspect of a police investigation "has a reasonable expectation of privacy" and that Richard's case was not a "genuine public interest" case. The judge also said the decision could have a "significant impact on press... Read More

Zuckerberg talks Cambridge Analytica, privacy in Recode interview

(Jul 19, 2018) Facebook CEO Mark Zuckerberg sat down with Recode's Kara Swisher for an in-depth and wide-ranging interview, including about Cambridge Analytica, misinformation, regulation of social media, the role Russia played on Facebook during the 2016 presidential election, and user privacy. Zuckerberg also discussed the EU General Data Protection Regulation. "During the GDPR flows, and rolling that out, one of the specific things that we needed to do was get specific opt-in permission from people to use i... Read More

Robocall firm exposes US voter data

(Jul 19, 2018) A political campaign and robocalling company has left a trove of voter files exposed online, ZDNet reports. Claiming it can "reach thousands of voters instantly," the Virginia-based company's misconfiguration allowed hundreds of thousands of voter files — which included names, addresses, political affiliations, genders, phone numbers and age — to be searchable without a password, the report states. The company, Robocent, said it is investigating the incident and has secured the data. Full Story... Read More

Researcher compiles public-facing transactions from payment app

(Jul 18, 2018) Berlin-based privacy researcher Hang Do Thi Duc has released new research on the more than 18 million Venmo users who have not changed the platform's default settings to make payments private, CNNMoney reports. Venmo, an app that allows individuals to transfer money, facilitated nearly 208 million public transactions last year. "There are some people who are intentionally public, but there are a lot of people who are not aware of this public by default setting," she said. "Whether you're sharing... Read More

UK High Court decision on RTBF in relation to past criminal offenses

(Jul 18, 2018) The High Court of England and Wales handed down judgment in the joined cases of NT 1 & NT 2 v Google LLC ([2018] EWHC 799 (QB)) April 13. The cases address the scope of a person's right to have results about them delisted by the Google search engine when no longer relevant, in line with the 2014 Court of Justice of the European Union ruling in the Google Spain case (ZD 2014, 350 m. Anm. Karg). As is well known, this so-called ‘right to be forgotten’ has subsequently been incorporated in Arti... Read More

IT companies flag NZ database with 800,000 health records

(Jul 17, 2018) The New Zealand Herald reports a controversy has erupted over a database containing the medical information of 800,000 patients. Four health care IT companies in New Zealand and Australia have reported the issue to the New Zealand privacy commissioner, arguing the practice may be in violation of the NZ Health Information Privacy Code. The companies allege ProCare Health was placing sensitive health information into one large database. In a letter to the privacy commissioner, the IT companies sta... Read More