gdpr
Latest
European Commission proposes strict policies to govern AI use
As governments around the world consider how to regulate AI, the European Union is planning first-of-its-kind legislation that would put strict limits on the technology.
Ireland's data privacy agency opens investigation into Facebook data leak
Ireland's Data Protection Commission (DPC) is investigating the recent leak of a Facebook user dataset that dates back to 2019.
TikTok struck with consumer law complaints in Europe
TikTok is facing complaints over its data collection policies in multiple European countries.
GDPR fines skyrocket as EU gets tough on data breaches
The EU is ready and willing to enforce data breaches against companies with lax security.
Instagram's handling of children's data sparks EU investigation
Europe’s head regulator over Facebook is investigating Instagram over how it protects kids’ personal information.
Reuters: UK Google users will lose GDPR protections (update)
Google users in the UK might feel another effect of the Brexit process, and it's one they may not have expected. According to Reuters, the tech giant is planning to place British users' accounts under US jurisdiction, which means they're losing the protections of the EU's General Data Protection Regulation. As the news organization notes, the GDPR is known for having one of the world's strictest set of rules for data privacy and gives authorities the power to impose aggressive fines.
Facebook Dating's Valentine's Day launch in Europe is canceled
Facebook has been forced to withdraw a planned rollout of Facebook Dating in Europe after Irish data protection regulators stepped in. The service was due to launch in time for Valentine's Day, but Facebook pulled the plug after officials raised concerns about its compliance with EU law.
Ireland's data privacy watchdog opens probes into Google and Tinder
Ireland's Data Protection Commission (DPC) has opened two separate GDPR investigations into Google and Tinder. In the case of the latter, the agency says it will examine how the dating app handles people's data and whether it's been transparent about the process.
After Math: Risky businesses
Joel Goodsen would blush seeing the sorts of shenanigans some of these these corporations have been getting into. And occasionally even succeeding at. Netflix goosed its viewing criteria to give a coin to its Witcher, Microsoft had another privacy whoopsie, and Germany just straight up forgot to upgrade its OS and is now paying the price. Here are five of the week's top business headlines.
The latest Chrome OS education devices will get updates for eight years (updated)
To help schools get more out of their limited resources, Google is extending the length of time it plans to support new Chrome OS education devices with security and platform updates. Starting this year, the latest education devices from Lenovo and Acer will get automatic updates until June 2028, and it seems that other new devices could receive similar support as well. Before today, Google guaranteed to support most devices with at least six years of automatic updates. To pay for the additional support, the company is increasing the price of its Chrome Education Upgrade, a one-time license school boards can purchase to get additional support from Google, from $30 per device to $38 per device. However, all new devices will get eight years of support, whether a school buys the Chrome Education Upgrade or not.
GDPR has led to $126 million in fines over data privacy
It's been a year and nearly eight months since the EU's data privacy law, the GDPR (General Data Protection Regulation), came into force and 114 million euros ($126 million) in fines have been imposed so far, according to a new report. The law firm DLA Piper also said that 160,000 data breaches have been reported in this time -- most of them coming from the UK, Germany or the Netherlands. The last year has seen an increase in breaches reported by 12.6 per cent compared to the first eight months of the GDPR.
Study finds Grindr, OKCupid and Tinder sharing sensitive data (updated)
Some of the most popular dating apps have been accused of playing fast and loose with particularly sensitive data. The Norwegian Consumer Council has published a report accusing Grindr, OKCupid and Tinder of spreading various degrees of information about GPS location, sexuality and other personal information in irresponsible ways. While Grindr has vowed not to share HIV statuses and some sexual gropu identification with ad partners, it transmits user tracking info and the app's name to over a dozen companies, effectively identifying users as LGBT. OKCupid even sent data on drug use, ethnicity and political views to the analytics firm Braze.
Most websites don't follow European cookie consent laws, study shows
Websites that operate in Europe are supposed to follow GDPR rules that let consumers to opt out of cookie-type tracking. However, most are making it "substantially more difficult" to reject all tracking than to accept it, according to a new study called Dark Patterns after the GDPR, by researchers from MIT, UCL and Aarhus University. In fact, only 11.8 percent of the 10,000 websites they checked "meet the minimal requirements that we set based on European law," the team wrote.
International money transfer service Travelex held ransom by hackers
Foreign exchange company Travelex has been targeted by hackers demanding $6 million (£4.6 million), in an attack many believe could have been averted months ago. The ransomware gang known as Sodinokibi -- also as REvil -- says it has downloaded more than 5GB of sensitive customer data, including dates of birth, credit card information and national insurance numbers, which it will publish if payment is not made within a week. The hackers originally demanded $3 million, but doubled the sum after two days of non-payment.
The laws protecting our data are too weak
The latest in a long line of privacy scandals happened last week, after Google was found to have been pulling unredacted data from one of America's largest healthcare providers to use in one of its projects. Despite assurances that it won't use this information to supplant its ad business, that's not the issue here. How was Google able to acquire this knowledge in the first place?
Twitter introduces a Privacy Center to keep users informed
Today, Twitter launched a Privacy Center, where it will share announcements, new privacy products and communication about inevitable security incidents. "By using Twitter, you've shown us that you trust us with your data," the Twitter Privacy Center states. "We do not take that trust lightly."
Google vows to never store Assistant recordings without permission
Google has announced that it will do more to protect user privacy for its Google Assistant and confirmed that it doesn't save voice recordings by default. The news comes after revelations that a Google contractor was leaking private user audio recordings meant to improve its translation service. "It's clear that we fell short of our high standards in making it easy for you to understand how your data is used, and we apologize," wrote the company wrote in a blog post.
Google temporarily stops Assistant audio transcriptions in the EU
Google has halted the transcribing of recordings from its voice assistant in the EU. The company faced backlash last month after 1,000 private conversations recorded on its Google Assistant product were leaked to the Belgian news outlet VRT NWS. The tech giant is now voluntarily suspending the practice and assessing how it conducts audio reviews, reported CNBC.
Marriott faces $123 million UK fine over data breach
Marriott might soon face a stiff penalty for the massive November 2018 data breach. The UK's Information Commissioner's Office plans to fine the hotel chain £99,200,396 (about $123.7 million) for allegedly violating the EU's General Data Protection Regulation through the incident. Marriott didn't conduct "sufficient due diligence" when it bought Starwood, according to the regulator, and "should also have done more" to improve security.
UK regulator to hit British Airways with record fine over 2018 hack
The UK's data privacy authority has announced it intends to levy its largest ever fine against airline British Airways (BA). The airline will have to pay £183.39 million ($230 million) to the Information Commissioner's Office (ICO) for failing to protect its customers' data.
