ABC’s of Privacy This Week-May 13,2020

Applause

. Harvard professor receives 2020 Knuth prize for contributions to privacy     

Cynthia Dwork, a Computer Science Professor from Harvard University, has been awarded the 2020 Donald E. Knuth Prize for “fundamental and lasting contributions to computer science.” About the award, the ACM Special Interest Group on Algorithms and Computation Theory said Dwork’s research had transformed several fields, including data privacy. 

She is known for the “introduction and development of differential privacy,” which, according to SIGACT, has “profoundly influenced the science of data privacy.”For more info: https://sigact.org/prizes/knuth/citation2020.pdf

. Zoom agrees to privacy updates in a deal with N.Y. attorney general.

According to The Hill, Zoom, and New York Attorney General Letitia James, have finally consented to a deal that guarantees the teleconference platform will increase its privacy and security measures. According to recent reports, as a part of the agreement, Zoom will add separate programs for risk assessment and data security in addition to other changes that a Zoom spokesperson said were “completed as part of our 90-day security and privacy plan.”

For more info: https://thehill.com/policy/cybersecurity/496664-zooms-to-expand-security-privacy-safeguards-as-part-of-agreement-with

. OPC, provincial commissioners issue joint statement on COVID-19 contact tracing apps

The Office of the Privacy Commissioner of Canada and provincial and territorial commissioners around the country has issued a joint statement on COVID-19 contact tracing apps. According to the report, all apps created to track the spread of COVID-19 should respect fundamental privacy principles, such as consent, transparency, and de-identification.

For more info: https://priv.gc.ca/en/opc-news/news-and-announcements/2020/nr-c_200507/

. EDPB publishes GDPR consent guidelines

According to the recent reports, the European Data Protection Board released updated guidelines for consent under the E.U. General Data Protection Regulation. The guidelines aim to clarify data subject consent with cookie walls and whether web page browsing can be considered to be user consent. However, in regards to browsing and approval, the EDPB does not consider scrolling through a website to be an official form of consent because of the ambiguity associated with characterizing user activities.

For more info: https://edpb.europa.eu/sites/edpb/files/files/file1/edpb_guidelines_202005_consent_en.pdf

Data Breaches

. Marshals Service breach exposes prisoner data.

According to ZDNet, the U.S. Marshals Service has notified inmates that some of their personal information might have been exposed online in a December 2019 security breach. While it is unknown how many people have been affected, the breach of a public-facing USMS server containing data on current and former prisoners was discovered by the Department of Justice’s Security Operations Center. The breach revealed details of current and former prisoners, including names, birthdays, Social Security numbers, and home addresses.

For more info: https://www.zdnet.com/article/us-marshals-service-exposed-prisoner-details-in-security-breach/

. The researcher finds an open Israeli contact tracking database.

According to TechCrunch, an Israeli contact tracing database hosted by the NSO Group was left unsecured and easily accessible without a password. Several researchers had discovered the open database, which, as per the recent claims, contained “dummy data.” The database was left open for six weeks. According to recent reports, the above mentioned data included specific dates, times, and locations of individuals. The database has been pulled offline since then by the NSO, who claimed that it was a test database.

For more info: https://techcrunch.com/2020/05/07/nso-group-fleming-contact-tracing/?guccounter=1

. Global Affairs Canada breach reported to OPC.

iPolitics reports, a breach has been detected via documents within Global Affairs Canada during the 2017–18 fiscal year, it affected a federal minister’s office. It justified a report to the Office of the Privacy Commissioner of Canada. The commissioner’s office said GAC reported three privacy breaches that year but did not provide details.

For more info: https://ipolitics.ca/2020/04/30/breach-within-global-affairs-affected-ministers-office-in-2017-18-sparked-report-to-privacy-commissioner/

. A breach may have exposed 774K migrants’ details

The Guardian reports, a data breach of the Australian Department of Home Affairs has possibly exposed personal details of 774,000 migrants. 

The SkillsSelect platform containing information on potential migrants, their partial names, and application outcomes dating back to 2014 was effected by the breach. Australian Privacy Foundation board member Monique Mann called the breach “very serious” and the information “comprehensive.”

For more info: https://www.theguardian.com/technology/2020/may/03/home-affairs-data-breach-may-have-exposed-personal-details-of-700000-migrants

Current News

. Clearview A.I. ends partnerships with privacy companies.

Buzz Feed News reports, Clearview A.I., the popular facial recognition startup, has ended its partnerships with non-law enforcement entities and private companies. This decision comes in the wake of potential class-action lawsuits. Responding to one lawsuit alleging that the company violated the Illinois Bio-metric Information Privacy Act, Clearview said in legal documents filed in a state-federal court, and it would “avoid transacting with non-governmental customers anywhere.”

For more info: https://www.buzzfeednews.com/article/ryanmac/clearview-ai-no-facial-recognition-private-companies

. Facebook announces 20 members of the global Oversight Board.

Facebook has announced the names of the first 20 members of its global Oversight Board, formed to supervise the company’s privacy efforts as a requirement of its $5 billion fine by the U.S. Federal Trade Commission. 

An introduction to the board said it is “committed to making principled, independent decisions that are binding” and “issuing advisory opinions on Facebook’s content policies,” adding members come from a variety of “cultural and professional backgrounds.”

For more info: https://www.oversightboard.com/meet-the-board/