OneDPO

ABC’s of Privacy This Week-April 17

Applause

  • FTC issues COPPA guidance for remote learning

According to recent reports, as many students join the remote learning network due to the COVID-19 pandemic, The Federal Trade Commission has issued Children’s Online Privacy Protection Act guidance.The guidance is to direct education technology providers and schools; they talk about protecting students’ privacy and safeguarding their personal information. 

For more info: https://www.ftc.gov/news-events/blogs/business-blog/2020/04/coppa-guidance-ed-tech-companies-schools-during-coronavirus

  • AEPD publishes recommendations to protect minors online

Agencia Española de Protección de Datos, the Spanish data protection authority, is offering guidance for parents as well as developers to protect minors from accessing inappropriate online content.AEPD recommends parents to secure search engines and apps while practicing parental control offered by different platforms. For developers, AEPD suggests identification of the age of the viewers, applying principles of data minimization, etc. (The original post is in Spanish)

For more info: https://www.aepd.es/es/prensa-y-comunicacion/notas-de-prensa/la-aepd-publica-recomendaciones-orientadas-evitar-el-acceso

Data Breaches

  • San Francisco airport websites hacked

According to Threatpost, the login credentials of San Francisco International Airport users were compromised when two of the websites of the airport were hacked in March.

The airport authorities have revealed that attackers had inserted malicious computer code on SFOConstruction.com and SFOConnect.com to steal the said information; they also mentioned that the effected parties were possibly accessing the websites from the outside.

For more info: https://threatpost.com/sfo-websites-hacked-airport-discloses-data-breach/154709/

  • Database exposes 95M Maropost email records

According to CyberNews, an unsecured database of Maropost has exposed 95 million email records of the marketing platform. The exposed data had email addresses of clients, the date and time of the emails, and the recipient as well as the sender.The CyberNews research team found the database left unprotected on a publicly accessible server for an unknown amount of time.

For more info: https://cybernews.com/security/marketing-giant-maropost-exposes-95-million-emails-and-doesnt-seem-to-care-about-it/

  • 115M mobile users’ data for sale on dark web

Business Recorder reports, personal information of 115 million Pakistani mobile users is for sale on the dark web. Rewterz, the cybersecurity company that discovered the breach, said that the party behind it is demanding $2.1 million for the information, which includes names, addresses, mobile numbers, and national identity card numbers.

For more info: https://www.brecorder.com/2020/04/10/588270/personal-data-of-115mn-pakistani-mobile-users-go-on-sale-on-dark-web/

Current News

  • Germany adopts draft patient data protection law

The Federal Cabinet of Germany has announced the adoption of the draft Patient Data Protection Act. The act seeks to advance the country’s shift to digital health while ensuring patient data, including information found in electronic patient data records, is appropriately protected.

The German Federal Commissioner for Data Protection and Freedom of Information Ulrich Kelber has issued a response to the adoption, noting that the law requires further privacy considerations, especially regarding access to patient data. (The original post is in German)For more info:https://www.bundesgesundheitsministerium.de/pdsg.html