Daily Digest (12/11)

COVID vaccine documents accessed in cyberattack on EU’s EMA; EPIC seeks investigation into exam-proctoring software; French privacy watchdog fines Google, Amazon; German watchdog launches investigation into Facebook over VR.

COVID Vaccine Documents Accessed in Cyberattack on EU’s EMA

German biotech firm BioNTech said Wednesday that documents relating to the COVID-19 vaccine it had developed with Pfizer were accessed after a cyberattack on Europe’s medicines regulator.

The European Medicines Agency (EMA), which is responsible for assessing and approving vaccines for the European Union, said it had been targeted in a cyberattack, The Guardian reports.

It was unclear when or how the attack occurred or what other information was compromised, according to the report.

Britain’s National Cyber Security Centre said it was investigating the cyberattack and its impact on the U.K. 

An agency spokesperson told the Guardian: “We are working with international partners to understand the impact of this incident affecting the EU’s medicine regulator, but there is currently no evidence to suggest that the U.K.’s medicine regulator has been affected.”

BioNTech said the EMA had told it that “the agency has been subject to a cyberattack and that some documents relating to the regulatory submission for Pfizer and BioNTech’s COVID-19 vaccine candidate … had been unlawfully accessed.”

Sources (all links external): 

EPIC Seeks Investigation Into Exam-Proctoring Software

The nonprofit Electronic Privacy Information Center (EPIC) urged the District of Columbia’s attorney general on Wednesday to investigate the “unfair and deceptive” practices of five exam-proctoring companies.

EPIC sent notices to the companies — Respondus, ProctorU, Proctorio, Examity and Honorlock — threatening to bring civil lawsuits against them if they did not stop their “excessive and unjustified” collection of sensitive student data, Vice’s Motherboard reports. 

In the complaint to the D.C. attorney general, EPIC claimed that the services collected more data about students than was needed to accomplish their alleged purpose of catching exam cheaters.

“This is exam period for a lot of schools — and I think it’s easy to think of these (companies) in abstract terms, but they cause real, tangible harms,” John Davisson, an EPIC senior staff attorney, told Motherboard.

“Put yourself in the shoes of a student sitting at a desk with a camera monitoring their every movement, afraid that they’re going to look the wrong way or make a strange shadow that’s going to put them in a position of being accused of cheating by an algorithm.”

EPIC also claimed that Proctorio and Honorlock deceived consumers by claiming they did not use facial-recognition technology, Motherboard reports.

The companies instead claimed they used  “facial detection,” which EPIC argued was the same. 

The companies named in the complaint objected to EPIC’s statements.

French Privacy Watchdog Fines Google, Amazon

France’s data-privacy watchdog fined Google $120 million for breaching rules on online advertising trackers. 

The National Commission on Informatics and Liberty (CNIL) said Thursday that it also had fined Amazon $42.4 million for breaking the same rules, Reuters reports. 

The regulator found that the companies’ French websites did not seek the prior consent of visitors before advertising cookies were saved on computers.

Google and Amazon also failed to provide clear information to internet users about how the firms intended to use such online trackers and how visitors could refuse any use of the cookies, the agency said.

“We stand by our record of providing upfront information and clear controls, strong internal data governance, secure infrastructure, and above all, helpful products,” Google told Reuters in a statement.

Amazon similarly disagreed.

“We continuously update our privacy practices to ensure that we meet the evolving needs and expectations of customers and regulators and fully comply with all applicable laws in every country in which we operate,” the company said.

German Watchdog Launches Investigation Into Facebook Over VR

German regulators launched an investigation Thursday into Facebook’s decision to link its Oculus virtual reality products to its social network, officials said.

The Federal Cartel Office, or Bundeskartellamt, said it had initiated abuse proceedings over Facebook’s plans to require users of the latest Quest 2 virtual reality glasses produced by Oculus to register with a Facebook account, The Associated Press reports. 

“Linking virtual reality products and the group’s social network in this way could constitute a prohibited abuse of dominance by Facebook,” said Bundeskartellamt President Andreas Mundt. 

“With its social network, Facebook holds a dominant position in Germany and is also already an important player in the emerging but growing VR market,” he said. “We intend to examine whether and to what extent this tying arrangement will affect competition in both areas of activity.”

In a statement to AP, Facebook said that it already had paused sales of its Oculus products in Germany this year. 

“While Oculus devices are not currently available for sale in Germany, we will cooperate fully with the Bundeskartellamt and are confident we can demonstrate that there is no basis to the investigation,” Facebook said.

– By DPN Staff