By Robert Bateman
Google faces a $2.5 billion class-action lawsuit in the U.K., over allegations that its YouTube video-sharing platform is “breaching millions of young peoples’ privacy and data rights.”
The case is on behalf of an estimated 5 million children under 13 across England and Wales, according to a Sept.14 news release from the case’s legal team.
If successful, it would be the first class-action lawsuit against a tech company in Europe.
Google, which acquired YouTube in 2006, is accused of violating U.K. law, which states that children under 13 are unable to consent to the collection of their personal information.
“They’re using this data to capture the attention of our children,” Duncan McCann, the representative claimant in the case, told Digital Privacy News.
He has three children aged 13 or under, and McCann said he was concerned about how Google used their personal information on YouTube.
Continue reading “Google Faces $2.5B Lawsuit Over YouTube’s Collection of Children’s Data”
Privacy Experts Alarmed at Oracle’s Role in Proposed TikTok Deal
By Charles McDermid
The impact of the White House’s decision to ban TikTok and WeChat that began Sunday remained unclear, but global privacy experts were alarmed that Oracle Corp. could still become the “trusted technology partner” of the Chinese owner of the two widely popular apps.
They told Digital Privacy News that the possible deal marked the start of a global era of data localization, as nations scrambled to keep citizens’ personal data within their own borders.
“It’s easier for a government to request data stored on its territory, provided that its laws authorize it,” said Emmanuel Pernot-Leplay, a researcher in data-protection law at Tilburg University in the Netherlands. “It’s much more difficult when it has to make a request for such data when they are stored abroad.
Continue reading “‘Trusted Technology Partner’?”
By Joanne Cleaver
A home-based doggy boarding business nearly cost Dianna Sells her house.
Sells didn’t realize that her retirement business of taking in sedate older dogs for short periods violated the rules and regulations of the homeowners association (HOA) in which her house is situated in Round Rock, Texas.
After all, her yard is big, the geriatric dogs were quiet — and many of her clients were neighbors.
Then someone — Sells told Digital Privacy News she still doesn’t know who — complained to the association’s board.
Continue reading “Workers, Homeowner Associations Square Off Over Rules in Pandemic”
Schools See Rise in Cyberthreats With Online Learning
By Samantha Cleaver
This fall, back to school means back on defense.
Schools in Haywood County, N.C., started remote learning last month. They then closed abruptly because of a cyberattack.
Later in the month, Palm Springs Unified Schools in California, also virtual, reported having to clear a hacking attack. The district addressed it with teacher, student and parent training.
This is the landscape for schools for the 2020-21 year. With networks branching out into households, and hackers well aware of the value of education data, phishing and ransomware attacks are expected to be a common occurrence, experts told Digital Privacy News.
Continue reading “Back to School, Back to Crime?”
By Felix Okendo
A flaw discovered this spring within Apple Inc.’s “Sign in With Apple” feature by an India-based developer brought him $100,000 through the company’s Security Bounty Program, part of an industry genre known as “bug-bounty programs.”
“Bug-bounty programs are likely becoming an important best practice for a widening swath of industries,” Graham Dufault, senior director for public policy at ACT-The App Association in Washington, told Digital Privacy News.
Such programs offer rewards to researchers for discovering and reporting bugs in software and hardware. In most cases, the flaws are related to vulnerabilities and exploits in the products — and companies pay well for the discoveries.
Continue reading “The Security Flaw That Almost Knocked Apple Off Its Perch”
By Robert Bateman
The U.K. government is developing a nationwide “digital identity” framework that would enable it to identify individuals across various public services.
Several news outlets have characterized the scheme as a plan to assign a so-called “digital ID card” to every citizen, a move that would concern many privacy advocates.
The U.K.’s proposals are still unclear, but they do not appear to involve a physical ID card. The government claims the framework would reduce fraud and check individual identities more easily.
Continue reading “UK Officials Reveal Proposals for Digital Identity Framework”
By Nora Macaluso
Hacking-for-hire is becoming a bigger and more sophisticated tool in corporate espionage — and the market for such services is likely to continue, even as reports of high-profile, targeted attacks come to light, experts told Digital Privacy News.
Hacking-for-hire has become “more than just cracking a database and selling the information,” said Robert Siciliano, chief security architect at Protect Now in Boston. “Hacking today is a service, like hiring a lawyer or an accountant.”
Citizen Lab, a Toronto-based research laboratory focused on the intersection of digital technologies, human rights and global security, recently exposed a massive hacking operation targeting individuals and high-profile institutions worldwide.
Continue reading “Hacking-for-Hire Growing Bigger, Refined — and Far Too Common”
By David Gargaro
Saskatchewan has the highest rates of domestic violence per capita of all the 10 Canadian provinces — 1,066 incidents reported to police per 100,000 people in 2018, for instance — and officials recently took steps to curb such actions.
In June, Saskatchewan was the first province to enact the Interpersonal Violence Disclosure Protocol Act, also known as Clare’s Law.
Municipal police can now disclose information about an individual’s history of violent or abusive behavior to help protect potential future victims of domestic abuse.
Continue reading “Saskatchewan Law Against Domestic Violence Raises Privacy Concerns”
By Robert Bateman
The U.K. government has shown “scant regard to both privacy concerns and data protection duties” — and the country’s privacy regulator has failed to protect the public’s personal information, according to a letter from 22 opposition politicians.
The Aug. 21 letter, signed by 22 members of Parliament from four political parties, was addressed to the Information Commissioner’s Office (ICO) — the “data protection authority” responsible for enforcing privacy law in the U.K.
The office is headed by Information Commissioner Elizabeth Denham.
The government has been accused of breaching privacy law on numerous occasions throughout the COVID-19 pandemic, including in July, when it admitted that it had not assessed the privacy risks involved in its “test and trace” program properly.
Continue reading “UK Politicians Demand Privacy Regulator Enforce Law Against Government”
By David Tobenkin
Data stakeholders in the health care industry continue to express privacy concerns over two new U.S. Department of Health and Human Services (HHS) rules for sharing sensitive, private patient information by providers.
“We remain gravely concerned that patient privacy will still be at risk when health care information is transferred outside the protections of federal patient privacy laws,” said Matt Eyles, president and CEO of America’s Health Insurance Plans (AHIP), after the rules were issued in March.
“Individually identifiable health care information can readily be bought and sold on the open market and combined with other personal health data by unknown and potentially bad actors.
Continue reading “Health-Data Rules Still Under Fire Months After HHS Decision”