Daily Digest (11/24)

UK Watchdog Probing Google’s Ad Data Plan After Complaints; IATA Introduces Apps for COVID-19 Travel; Patient Data Exposed in LSU Medical Center Breach; Russia Begins Case Against Google for Failing to Ban Content.

UK Watchdog Probing Google’s Ad Data Plan After Complaints

Google faces legal scrutiny in Britain over its plans to change its ad data system following a complaint by a lobbying group that the changes would strengthen the company’s online dominance.

Marketers for an Open Web, a coalition of technology and publishing companies, said Monday that it was imploring the U.K. competition watchdog to force Google to delay the rollout of its “privacy sandbox,” scheduled for early next year, The Associated Press reports.

The technology would remove third-party cookies that allowed users to be tracked site-to-site by storing information on their devices, replacing them with tools owned by Google.

This means that logins, advertising and other features would be taken off the open web and placed under Google’s control, the group said.

The U.K. Competition and Markets Authority confirmed that it had received the complaint, according to AP.

“We take the matters raised in the complaint very seriously and will assess them carefully, with a view to deciding whether to open a formal investigation under the competition act,” the agency said in a statement.

The authority added that if the concerns needed urgent attention, it would consider using “interim measures” to stop suspected anticompetitive conduct pending a full investigation.

Google said the technology would support publishers and would increase user privacy.

“The ad-supported web is at risk if digital-advertising practices don’t evolve to reflect people’s changing expectations around how data is collected and used,” the company told AP.

Sources (all links external):

IATA Introduces Apps for COVID-19 Travel

The International Air Transport Association (IATA), which represents major airlines, said Monday that it had been developing mobile apps to help passengers navigate COVID-19 restrictions and to securely share test and vaccine certificates with carriers and governments.

IATA plans to pilot its “travel pass” platform for Android and Apple iOS phones in the first half of next year, Reuters reports.

“Our main priority is to get people travelling again safely,” said IATA’s security chief, Nick Careen.

“That means giving governments confidence that systematic COVID-19 testing can work as a replacement for quarantine requirements.”

Passengers’ health and other data are not stored centrally, but they are authenticated with blockchain, leaving consumers in control of what they share, IATA said.

A “contactless travel” app on the platform would combine passport information with test and vaccination certificates received from participating labs, according to Reuters.

The app also would use data from global registries for health requirements and testing and vaccination centers.

Patient Data Exposed in LSU Medical Center Breach

Louisiana State University said that its medical centers had experienced a cyberattack that exposed the personal information of thousands of patients.

On Friday, LSU Health New Orleans issued a HIPPA breach notification after detecting a hack in an employee’s email, Infosecurity reports.

“The intrusion appears to have occurred on Sept. 15, 2020, and the mailbox access was discovered and disabled on Sept. 18, 2020,” LSU Health said in a statement.

The compromised data involved patients who received care at several LSU medical centers, including names, medical-record numbers, birth dates, Social Security numbers, phone numbers, addresses and insurance identification numbers.

LSU Health said that while “it is possible that this information was accessible,” its Health Care Services Division “is not aware that the intruder actually accessed or misused the patient information in the employee’s mailbox,” Infosecurity reports.

LSU said it did not yet know how many were affected by the breach.

“When the intrusion was discovered, the LSU Health Care Services Division’s Compliance and Privacy Department began the difficult and laborious process of identifying any patients whose information may have been compromised,” LSU Health said in a statement.

“While the exhaustive investigation has found thousands of patients, work continues to discover any others.”

LSU encouraged all patients who might have been affected to monitor their credit reports for potential identity theft, Infosecurity reports.

Russia Begins Case Against Google for Failing to Ban Content

Russia has opened a case against Google for failing to remove banned content from its search engines, the communications watchdog, Roskomnadzor, said Monday.

Roskomnadzor opened “administrative proceedings” that could lead to a court case and fines of up to $65,670, Reuters reports.

The watchdog said that Google had failed to remove up to 30% of “dangerous content,” some of which was considered extremist, pornographic and suicidal.

Google’s Russian offices declined to comment, according to Reuters.

In August, a Russian court fined Google 1.5 million roubles ($20,350) after finding the company guilty of failing to block content banned in the country.

By DPN Staff