ABC's of Privacy This Week - Dec 12, 2019
Protecto
December 12, 2019
Welcome to our weekly privacy newsletter to read the latest privacy-related news from across the globe. We classify our weekly privacy newsletter into three parts namely Applause, Breaches and Current News (ABC's) of Privacy news. For any feedback on our weekly newsletter, please feel free to send your comments to social@oneDPO.com.
Applause
Indian Government Introduces Data Protection Bill in Parliament
The government of Indiaproposed sending the Personal Data Protection Bill to a joint select committeeof both Houses of Parliament amid protests by the opposition. The proposed lawwas prepared on the recommendations of the Justice Srikrishna Committee, whichseeks bars on storing and processing of personal data by entities without theexplicit consent of an individual. It also empowers the Centre to exempt anygovernment agency from the application of the proposed legislation.
For more info: https://www.reuters.com/article/us-india-dataprotection/indias-privacy-bill-seeks-access-to-users-data-from-companies-idUSKBN1YE1R4
Breaches
US Investigates School Data Breach
The U.S. Secret Service is investigating a data breach thatexposed the financial information of Maine MSAD employees. Employee informationsuch as names, dates of birth, Social Security numbers was accessed withoutauthorization. All current and former employees were notified of the incidentby email.
For more info: https://www.govtech.com/security/US-Secret-Service-Investigates-School-Data-Breach.html
British-American Tobacco Reports Data Breach
Romanian web platform owned by British AmericanTobacco has reported a Smoker data breach. The server, which contains thispersonally identifiable information (PII), has been compromised by ransomware.The leaked database, involving almost 352 GB of data, contains more than 60million entries of smoker data.
For more info: https://www.mediapost.com/publications/article/344134/smoker-data-revealed-in-british-american-tobacco-b.html
Police Gun Buyback Website Shut Down Over Privacy Breach Fears
A website hosted by the New Zealandpolice for firearm buybacks has been shut down after a potential breach of70,000 participants was discovered. Firearm owners' buyback information,including bank account numbers, were potentially available to the publicthrough the program's online notification platform. News of the breach hasprompted the National Party to tell the government it should re-thinkintroducing a firearm register.
For more info: https://www.rnz.co.nz/news/national/404629/police-gun-buyback-website-shut-down-over-privacy-breach-fears
Current News
Germany DPA Issues Fine for GDPR Violations
Germany's Federal Commissioner for Data Protectionand Freedom of Information has fined 1 & 1 Telecom for alleged violationsof the EU General Data Protection Regulation. A fine of 9.55 million euros waslevied on the company for failing to comply with GDPR. The DPA found datasecurity measures to prevent unauthorized access to customer information werenot in line with the GDPR.
For more info: https://www.bfdi.bund.de/DE/Infothek/Pressemitteilungen/2019/30_BfDIverh%C3%A4ngtGeldbu%C3%9Fe1u1.html
Hungarian Competition Authority Issues 3.6M Fine to Facebook Ireland
The Hungarian Competition Authority, the GVH, fined Facebook Ireland 3.6 million euros for alleged violations of the country's competition law. The GVH based its fine total on the advertising income Facebook Ireland obtained through Hungarian users. They claimed that Facebook benefited economically from the users' data and activities. The amount fined is the highest fine that the Authority has ever imposed in a consumer protection case.
For more info: https://www.gvh.hu/en/press_room/press_releases/press_releases_2019/gvh-imposed-a-fine-of-eur-3.6-m-on-facebook
Tiktok Settles Children's Privacy Lawsuit in the US
TikTok's parent company, ByteDance, reached asettlement with a group of parents who alleged that the company collected andexposed the data and personal information of minors. The complaint alleges thatTikTok failed to provide the proper safeguards to prevent children from usingthe app. This alleged collection would violate the Children's Online PrivacyProtection Act (COPPA). The law forbids social media companies like Facebookand TikTok from collecting the data of children under 13 years of age withoutthe express consent of their parents or guardians.
Formore info: https://gizmodo.com/tiktok-to-pay-1-1-million-to-settle-lawsuit-alleging-i-1840270155
Welcome to our weekly privacy newsletter to read the latest privacy-related news from across the globe. We classify our weekly privacy newsletter into three parts namely Applause, Breaches and Current News (ABC's) of Privacy news. For any feedback on our weekly newsletter, please feel free to send your comments to social@oneDPO.com.
Applause
Indian Government Introduces Data Protection Bill in Parliament
The government of Indiaproposed sending the Personal Data Protection Bill to a joint select committeeof both Houses of Parliament amid protests by the opposition. The proposed lawwas prepared on the recommendations of the Justice Srikrishna Committee, whichseeks bars on storing and processing of personal data by entities without theexplicit consent of an individual. It also empowers the Centre to exempt anygovernment agency from the application of the proposed legislation.
For more info: https://www.reuters.com/article/us-india-dataprotection/indias-privacy-bill-seeks-access-to-users-data-from-companies-idUSKBN1YE1R4
Breaches
US Investigates School Data Breach
The U.S. Secret Service is investigating a data breach thatexposed the financial information of Maine MSAD employees. Employee informationsuch as names, dates of birth, Social Security numbers was accessed withoutauthorization. All current and former employees were notified of the incidentby email.
For more info: https://www.govtech.com/security/US-Secret-Service-Investigates-School-Data-Breach.html
British-American Tobacco Reports Data Breach
Romanian web platform owned by British AmericanTobacco has reported a Smoker data breach. The server, which contains thispersonally identifiable information (PII), has been compromised by ransomware.The leaked database, involving almost 352 GB of data, contains more than 60million entries of smoker data.
For more info: https://www.mediapost.com/publications/article/344134/smoker-data-revealed-in-british-american-tobacco-b.html
Police Gun Buyback Website Shut Down Over Privacy Breach Fears
A website hosted by the New Zealandpolice for firearm buybacks has been shut down after a potential breach of70,000 participants was discovered. Firearm owners' buyback information,including bank account numbers, were potentially available to the publicthrough the program's online notification platform. News of the breach hasprompted the National Party to tell the government it should re-thinkintroducing a firearm register.
For more info: https://www.rnz.co.nz/news/national/404629/police-gun-buyback-website-shut-down-over-privacy-breach-fears
Current News
Germany DPA Issues Fine for GDPR Violations
Germany's Federal Commissioner for Data Protectionand Freedom of Information has fined 1 & 1 Telecom for alleged violationsof the EU General Data Protection Regulation. A fine of 9.55 million euros waslevied on the company for failing to comply with GDPR. The DPA found datasecurity measures to prevent unauthorized access to customer information werenot in line with the GDPR.
For more info: https://www.bfdi.bund.de/DE/Infothek/Pressemitteilungen/2019/30_BfDIverh%C3%A4ngtGeldbu%C3%9Fe1u1.html
Hungarian Competition Authority Issues 3.6M Fine to Facebook Ireland
The Hungarian Competition Authority, the GVH, fined Facebook Ireland 3.6 million euros for alleged violations of the country's competition law. The GVH based its fine total on the advertising income Facebook Ireland obtained through Hungarian users. They claimed that Facebook benefited economically from the users' data and activities. The amount fined is the highest fine that the Authority has ever imposed in a consumer protection case.
For more info: https://www.gvh.hu/en/press_room/press_releases/press_releases_2019/gvh-imposed-a-fine-of-eur-3.6-m-on-facebook
Tiktok Settles Children's Privacy Lawsuit in the US
TikTok's parent company, ByteDance, reached asettlement with a group of parents who alleged that the company collected andexposed the data and personal information of minors. The complaint alleges thatTikTok failed to provide the proper safeguards to prevent children from usingthe app. This alleged collection would violate the Children's Online PrivacyProtection Act (COPPA). The law forbids social media companies like Facebookand TikTok from collecting the data of children under 13 years of age withoutthe express consent of their parents or guardians.
Formore info: https://gizmodo.com/tiktok-to-pay-1-1-million-to-settle-lawsuit-alleging-i-1840270155
Prevent millions of $ of privacy risks. Learn how.
We take privacy seriously. While we promise not to sell your personal data, we may send product and company updates periodically. You can opt-out or make changes to our communication updates at any time.
