ABC’s of Privacy This Week – Nov 27, 2019

Welcome to our weekly privacy newsletter to read the latest privacy-related news from across the globe. We classify our weekly privacy newsletter into three parts namely Applause, Breaches and Current News (ABC’s) of Privacy news. For any feedback on our weekly newsletter, please feel free to send your comments to social@onedpo.com.

Applause

California Proposes Guidance for Privacy Law

California Office of the Attorney General addressed methods for handling and verifying consumer requests, training, recordkeeping, and the special statutory provisions concerning minors. Following CCPA’s footsteps, The New York Stop Hacks and Improve Electronic Security Data Act (SHIELD Act) is set to take effect from March 21, 2020. The SHIELD law amends the current New York breach notification statute and increases data security protections.

For more info: https://www.journalofaccountancy.com/news/2019/nov/proposed-guidance-california-consumer-privacy-act-201922530.html

Breaches

T-Mobile Data Breach Affects More Than One Million Prepaid Users

The US telecom giant T-Mobile has confirmed that it suffered a data breach, which compromised the personal data of over a million customers. Though the information exposed did not include any financial information, social security numbers or password data, other important information like users’ names, billing addresses, phone numbers, account numbers and plan information were compromised.

For more info:  https://www.pymnts.com/news/security-and-risk/2019/t-mobile-data-breach-puts-personal-data-of-1m-customers-at-risk/

Smartphone Maker OnePlus Reports Data Breach

India’s cybersecurity agency CERT-In claimed that less than 3K Indian customers were exposed in the recent OnePlus security breach. The cybersecurity body further stated that the users may receive spam and phishing emails as a result of this incident. As a precautionary measure, the OnePlus users were advised to change their account passwords with a strong password.

For more info: https://inc42.com/buzz/oneplus-security-breach-impacted-data-of-3k-indian-users-cert-in/

Current News

Spanish DPA Issues Fine for GDPR Violations

The Spanish data protection authority has fined Corporación de Radio y Televisión Española for alleged violations of the EU General Data Protection Regulation. A fine of 60,000 euros was levied on the company for failing to comply with Article 32 of the GDPR after it lost devices that contained sensitive personal information.

For more info: https://iapp.org/news/a/spanish-dpa-issues-60k-euro-fine-for-gdpr-violations/

Turkish DPA Can Now Lodge Criminal Complaints Over Data Breaches

The Board for Protection of Personal Data will now be able to make criminal complaints against those who use software programs or applications that access the personal data of the public. A criminal complaint can be made against the users against those who violate data protection and the necessary legal proceedings can be initiated along with an administrative fine up to TL 1 million.

For more info: https://www.dailysabah.com/turkey/2019/11/21/criminal-complaints-to-be-lodged-over-personal-data-breaches

Mozilla Publishes Privacy-focused Gift Guide

Navigating the privacy terms for every single tech product can be a confusing maze and figuring out security standards for these gadgets can be even more difficult. Mozilla published its annual ‘Privacy Not Included gift’ guide, with ratings on the security of 77 products — from smart speakers to fitness trackers — along with a review of how the devices share your data. Out of hundreds of products, only sixty-two products met Mozilla’s minimum-security standards.

For more info: https://foundation.mozilla.org/en/privacynotincluded/

Chaayos Under Fire for Using Insecure Facial Recognition Tech

Chaayos, the multi-city chain of tea cafes based out of India, is under fire on social media for employing facial recognition, allegedly without customer consent. Questions were raised about how Chaayos has implemented the technology. Reacting to the backlash, in an official statement, Chaayos said that it does not use or process this information for any other purpose. This action has pushed for an effective data protection bill in India.

For more info: https://www.newindianexpress.com/business/2019/nov/25/tea-cafe-chain-chaayos-faces-ire-over-enabling-face-recognition-without-customer-consent-2066717.html