Some items on our site have recently moved. Visit our News Hub for selected articles, special reports, podcasts and other resources.
Data Privacy & Security
Data privacy & security news from MLex helps you prepare as regulations develop and evolve with ever changing needs. From the germ of a new rule or law, through to adoption, implementation and enforcement, MLex has dedicated journalists across the globe monitoring the latest in data privacy, data protection and cyber security. We actively cover GDPR and CCPA, along with proposed US state bills and individual country laws. The selected stories below represent some of the latest data privacy and security news reporting from our expert journalists across the globe.
Recent Data Privacy & Security articles
-
When the EU’s General Data Protection Regulation came into force five years ago, some said it would usher in a new era of EU supremacy over Silicon Valley's tech giants, reining in their rampant data-driven power. -
Since the General Data Protection Regulation took effect five years ago this week, more than 40 countries have enacted national privacy laws, most of which drew liberally from the canonical text of the EU law. -
The count of countries with data protection laws more than doubled to 162 over the past dozen years, a total that includes a wide majority of the world’s nations, with new research suggesting data protection rules are approaching ubiquity. -
Meta Platforms social-media unit Facebook must suspend its transfers of personal data from the EU to the US. -
UK’s data protection watchdog push to support early-stage novel products and applications -
UK’s ambitions to grow its flourishing artificial intelligence industry and promote innovation -
A coalition of advocacy groups and lawmakers urged the Federal Trade Commission to hold companies accountable as online harms against people of color and women proliferate. -
Video-sharing app TikTok’s potential sale or divestment in the US could face a series of legal hurdles in China -
EU policymakers’ focus on the ChatGPT program when discussing the Artificial Intelligence Act lays bare a dilemma -
Meta Platforms faces a regulatory push to have to delete data that it has transferred from the EU to the US since the watershed "Schrems II" -
Fifth anniversary of the eruption of the Cambridge Analytica privacy scandal in March 2018. -
Big Tech companies have an edge over startups and new players because of the vast troves of user data at their disposal. -
Funding could hinder Australia’s plans to overhaul its aging privacy regime. -
Five US state privacy laws go into effect this year, with more taking form across the country, and rules about how AI -
US Supreme Court is poised to hear oral argument about whether social media platforms such as YouTube and Twitter -
Social media companies can expect more calls to put child safety over profit after US President Joe Biden cast them as Pied Pipers -
Unsealed court documents that illuminate Facebook’s crash program to understand the scope of its privacy exposure. -
Meta Platforms agreed to pay $725 million to settle litigation over its data-sharing practices with apps on the Facebook platform -
Meta Platforms faces another bruising year of global data protection enforcement in 2023 -
Bedoya, proposed rulemaking on commercial surveillance and data security and decided several major cases on consumer protection and competition -
No continent, however, has seen more data protection growth in recent years than Africa. -
International data flows could be shaped by a new declaration of “common principles” on governments’ access. -
The regulators hoped to sell a settlement that would give Facebook users more control and transparency over the personal data they shared with apps -
Lawmakers mull privacy legislation, they should examine whether restrictions on companies might limit consumer choice -
FTC needs to hire a new type of expert to study online harm: psychologists. -
After years of incremental developments in Southeast Asia's data-privacy landscape, things now appear to be changing — fast -
Google employees and executives believe the company is failing its users on privacy as it persists with practices that are opaque -
Data privacy isn’t a new concept in Indonesia, with data-protection policies already in place covering 30 different rules and regulations -
US cybersecurity professionals are stunned as federal jury found former Uber Technologies security chief guilty -
Singtel Optus’s mass data breach saw the data of almost 10 million Australians put at risk -
DPA's leadership split along the lines of the country's two main language communities -
British Foreign Secretary Liz Truss won the race to be next prime minister -
Cybersecurity industry will be rooting for Joseph Sullivan on his trial -
Meta may not escape sanctions over alleged discovery misconduct in the case -
Google and Meta Platforms, fighting proposed US class-action litigation over their collection of personal data -
Data protection authorities across the EU seems increasingly troubled by political motives that delay the appointments of their top officials. -
American Data Privacy and Protection Act, US lawmakers were inspired by privacy principles in Europe’s GDPR -
EU will view any legacy of anti-virus technology through the prism of the tight standards set by its GDPR -
National privacy legislation blessed by a congressional committee just change the privacy landscape of the US -
A controversial data protection fine against a Dutch football television channel has been overturned -
Comprehensive US national privacy bill is speeding through Congress, and changing rapidly -
US FTC will search for privacy or security threats posed by apps that collect location and reproductive and other health data -
Standing between insurers and the unimpeded use of data collected by a smart watch is industry regulation -
EU-based websites mustn't use Google Analytics because of rules against transferring personal data to the US, the Italian privacy watchdog ruled. -
Enforcement of the GDPR against Big Tech is failing, and called for a more centralized approach. -
US Supreme Court appears poised to overturn the 1973 Roe v. Wade decision that legalized abortion -
Accused Capital One hacker Paige Thompson has been described as many things during her two-week US trial in Seattle -
Stellantis split from EU’s car lobby group ACEA highlights the broad range of regulatory challenges that carmakers face -
e South Korean privacy regulator began to promote the CBPR certification to the country's businesses -
Lina Khan isn't backing off her ambition to push the agency to be an active, forward-looking antitrust and privacy enforcer. -
The increasing use of a mechanism to resolve disputes between EU data-protection regulators may present logistical and resource challenges -
A long-awaited circular on admin fines is set to encourage stricter compliance with the Philippines data privacy law -
Under-resourced and under pressure, the Irish Data Protection Commission has long endured criticism from privacy campaigners -
Vowing to open-source the algorithm for the Internet’s often unruly public square, Elon Musk reached a deal today to buy Twitter -
Yoon Jong-in, chairman of the South Korea's new privacy watchdog, describes his experiences building the agency from scratch -
Google faces sanctions in litigation over its allegedly illegal tracking of people using Chrome’s “Incognito” mode. -
Uncertainly on the new transatlantic data transfer “framework” to new regulation such as Europe’s Digital Services Act -
Outside the United States, Clearview AI’s business model is under threat. Australia and Canada have forced the company to shutter its local operations -
As Utah prepares to become the fourth state to enact a consumer privacy law, the patchwork of US privacy regulations the tech industry dreaded and predicted is taking shape -
Western efforts to isolate the Kremlin economically and politically have not resulted in that country’s disconnection from the internet -
EU leaders have responded to Vladimir Putin’s invasion of Ukraine with the harshest sanctions in the bloc's history -
Data protection enforcement against Big Tech companies wouldn't be quicker if the Irish data protection agency was reformed -
EU’s Artificial Intelligence Act is yet in sight, but businesses are starting to get an idea of how enforcement might look -
Carmakers & tech will scrutinize the data retention regime suggestion for how UK should regulate automated vehicles -
Camera-based driver-monitoring technology has become increasingly popular with carmakers and transportation companies. -
United States in 2021 had a record year for data breaches involving electronic health data -
France’s privacy watchdog is cracking down on how US Big Tech seeks consent from users for advertising cookies -
Enacting state laws aimed specifically at regulating how businesses collect biometric information, including voice recordings, fingerprints and face scans -
Facebook changed some of its privacy practices to comply with the US Federal Trade Commission’s 2019 privacy settlement, -
China's largest ride-hailing app Didi Chuxing may offer a lesson to Chinese data-sensitive companies currently listed in the US. -
Facebook was accused of illegally copying the world’s largest repository of digitized and realistic three-dimensional objects and scenes -
US automotive industry urges the government to take regulatory action to support the deployment of driverless vehicles -
On Capitol Hill, it appears privacy policymaking has hit a wall. That’s been a challenge for the FTC. -
Facial recognition tools are coming under intense scrutiny in Europe, with privacy watchdogs using the GDPR -
Facebook should be fined and have to make its terms of service more transparent after violating EU data protection -
Momentum is building among congressional Democrats to give the FTC funding to create a new bureau to focus on data security and privacy matters, -
Facebook’s senior leaders have long warned that privacy would soon affect its bottom line, as new privacy laws in Europe -
Republican commissioners have complained about being cut out of the information flow at the FTC. -
Facebook’s internal response to its landmark $5 billion privacy settlement with the US Federal Trade Commission -
Website owners that haven’t followed French guidelines on cookie banners are likely to face fines before the end of the year -
The rapid development of the smart-vehicle industry could cause significant security risks if regulation fails to catch up -
Apple’s attempt to thread the needle between privacy and combatting child exploitation. -
Artificial intelligence to process massive data volumes creates market concentration that poses systemic risk. -
One thing is clear since the CCPA took effect: obtaining damages under the law in US federal court is difficult. -
Chinese regulators jointly unveiled interim regulations today to step up the supervision of auto data processing -
Facebook’s top lawyer, Jennifer Newstead, is focused on present-day regulatory problems like the legal uncertainty -
Subpoenas sent to Facebook show that investigators working for Massachusetts Attorney General Maura Healey. -
The likelihood of German companies being publicly named in decisions by data regulators seems to be decreasing. -
Zoom has agreed to pay $85 million to settle privacy litigation over Zoombombings that disrupted meetings. -
Europe’s top court dynamited the transatlantic data bridge known as Privacy Shield, the namesake for the “Schrems II” -
Online platforms get more guidance from the EU’s top court on whether they can keep using automatic upload filters -
WhatsApp avoided a permanent data processing ban in the EU after the bloc’s privacy regulators rejected a request -
Executive order from US President Joe Biden on marketplace competition reserves a few sections for data privacy and net neutrality. -
China's crackdown on the tech sector has come as a shock to many observers, not just for the scope of the actions.
-
“Cookie banners” on websites could be subject to a crackdown among EU privacy regulators, led by France.
-
A ban on EU lenders using social-media data to check borrowers’ ability to repay loans appears to be one of the first legislative attempts to respond to the incursion of Big Tech companies and AI techniques into finance. -
IAB Europe held a hearing earlier this month with the Belgian data protection authority. -
California’s new attorney general, Rob Bonta, plans to work in close partnership with the state’s new privacy enforcer. -
National data protection regulators in the EU will be emboldened to pursue Big Tech companies. -
A growing number of companies deploy voice-recognition software in their everyday business dealings with customers -
The Supreme Court reversed a lower court's broad reading of the US's principal anti-hacking statute. -
European telecom and adtech companies should innovate in using non-personal data to advertise, rather than lobbying for lighter EU privacy rules. -
The truism that “data is the oil of the 21st Century” is due for Version 2.0. Increasingly, data is more than a commodity.
-
Large and small fines against telecom companies for breaking the EU's General Data Protection Regulation stand in sharp contrast to US tech giants. -
On World Consumer Rights Day, China's CCTV features a show that includes undercover journalists expose malpractices by businesses related to lives of consumers. -
The three women and two men picked to lead the new California Privacy Protection Agency.
-
Technology giants are increasingly partnering with and investing in banks, posing new financial-stability risks. -
The tech industry expressed strong support for Washington state's latest consumer privacy bill during a public hearing.
-
The EU hopes to proceed with the adoption of the UK data and law-enforcement adequacy decisions "by the end of May, beginning of June".
-
A moderate Democratic US lawmaker is rekindling a push for national privacy legislation with hopes for bipartisan support. -
A regulatory process the US FTC hasn’t fully used since the early 1980s is likely to be resurrected in a bid to set baseline data privacy and data security rules. -
Rohit Chopra said the US Consumer Financial Protection Bureau needs to understand how tech giants’ entry into financial services will affect consumers. -
At least 18 US state legislatures have proposed consumer privacy bills, giving their residents more control over their personal online information. -
Virginia’s governor signed the state’s privacy legislation into law, following California to become the second US state to enact a baseline privacy law. -
For years, North Korean-led hackers allegedly slipped into the computers of banks around the world. -
While UK businesses will raise a cheer at the EU's data adequacy proposal, their joy may prove premature. -
The growth of artificial intelligence in a wide range of business applications is likely to place another burden on European data protection authorities.
-
As many mark the 40th anniversary of the first Data Protection Day, the importance of safeguarding sensitive personal data during the Covid-19 pandemic is top of mind. -
WhatsApp has defended its privacy policy changes, blaming "inaccurate reports" for suggesting the messaging service would be sharing more data with its parent Facebook. -
Lawmakers in a least 10 states have introduced more than a dozen online privacy bills.
-
The Biden administration has already placed a veteran privacy lawyer to oversee talks on a replacement for Privacy Shield.
-
A lawsuit targeting WhatsApp in India is set to proceed, with the messaging service’s decision to push back the deadline of a controversial privacy update. -
WhatsApp’s controversial privacy-policy changes have now drawn the scrutiny of Italian regulators. -
Scatter Lab, the South Korean developer of Artificial Intelligence chatbot named Iruda, is the target of a new investigation by the South Korean privacy regulator. -
A quiet death at the US Federal Communications Commission of a Trump-era attempt to weaken the legal liability shield for online platforms won’t be the end. -
Businesses in South Korea should significantly step up reviews of their data-collection and management practices. -
Facebook says its goal is to “bring the world closer together.” It appears to be succeeding. -
With its weighty fines for Google and Amazon.com, France’s data-protection authority appears to have found a workaround to the GDPR's clunky one-stop shop mechanism.
-
YouTube and Instagram grabbed Australian headlines this week. -
FTC’s two Democratic members set out a possible roadmap for the future in their dissents over the agency’s settlement with Zoom. -
The EU shouldn’t expect any “revolutionary” changes to how a new US administration approaches talks on trans-Atlantic data transfers. -
EU-based data exporters began reviewing updated model contracts for international data transfers — known as Standard Contractual Clauses or SCCs. -
Google, Facebook, Twitter and other platforms may see new obligations to swiftly remove terrorist content online passed this year. -
US President-elect Joe Biden's administration should make the necessary adjustments to unblock transatlantic data transfers.
-
The risk of committing a privacy violation in California just went up substantially for companies.
-
A privacy campaigner's Irish judicial review relating to Facebook's data handling will be heard next January.
-
A US Senate hearing featuring chief executives of America’s largest online platforms saw its putative subject — Section 230 of Communications Decency Act of 1996 — reduced to brief mentions. -
EU data regulators will issue guidance on how EU-based data exporters should implement a landmark EU court decision.
-
After the Philippine privacy regulator issued another harsh warning against privacy violations, members of a data protection group began raising questions. -
The UK already had a high wall to climb for it to win an adequacy decision that will let it continue data flows to the EU after Brexit. -
Canadian tech companies will soon be subject to tougher privacy laws as lawmakers face intense pressure to keep pace with European privacy standards. -
The General Law for Data Protection (LGPD), effective since Sept. 18, was a huge step toward a bigger role for Brazil in the global digital economy. -
Proposal to allow WhatsApp, Skype, Viber & others to continue screening for child-abuse images & messages could help ease negotiations on draft bloc-wide rules. -
India has broken new ground with a proposal on how to regulate non-personal data. -
Division over Ireland's Twitter probe between EU regulators has flared up after the authorities were invited to give their input. -
California’s investigation into Facebook’s data-sharing practices has pushed forward and deepened in recent months. -
Oracle told Australian competition officials to focus on Google’s expanded use of personal information through the 2008 acquisition of DoubleClick. -
British Airways has denied that customers subject to a data breach in 2018 suffered any serious financial loss or are due any compensation. -
Parts of Australian legislation granting law-enforcement agencies the right to demand access to de-encrypted communications has remain unused since its introduction in 2018.
-
Recent rulings against Chinese social media platforms TikTok and WeChat for their data-processing practices is sending an encouraging signal to users. -
TikTok may be able to escape its current dispute with the US, but the video-sharing app will still be facing regulatory headwinds around the globe. -
Companies are pressuring Brazilian lawmakers to delay implementation of the nation's data-protection law from Aug. 16 until next May. -
The most damaging cyberattack ever in 2017, caused a $15 billion loss to customers of companies directly hit, a federal study said. -
International Airlines Group now estimates that it may need to pay 22 million euros in GDPR fine -
Restaurants and bars that have been ordered to keep registers with customers' personal data to track Covid-19 infections are being closely monitored. -
International companies are much more prepared for Brazil's new data protection law than Brazilian firms because they already comply with similar legislation. -
The New York state Department of Financial Services notched a milestone when it filed its first data security enforcement action. -
The opening of a joint UK-Australian probe into controversial US facial-recognition company Clearview AI underscores a growing interest among data watchdogs to cooperate in tackling global threats to people’s privacy.
-
The decision by the European Court of Justice to nullify the EU-US Privacy Shield & to limit Standard Contractual Clauses for international data transfers is arguably the most important data-protection ruling in years.
-
A landmark ruling by the EU’s top court on international data flows will lead to more legal uncertainty for thousands of companies that use an EU data transfer mechanism. -
Australian laws to stop the streaming and spreading of “abhorrent violent material” via online platforms caught the attention of global leaders. -
Eight years ago, prosecutors lacked evidence to link Yevgeniy Nikulin to the hacks of LinkedIn and Dropbox. But it's another story now.
-
Coronavirus infections are mounting, and so are threats to Americans’ privacy. FTC member Christine Wilson is on a mission to decry the latter. -
Global tech & social media companies are in for a bumpy ride after many of them suspended their cooperation with data requests from Hong Kong authorities.
-
The US Federal Reserve Bank of New York’s biggest financial stability worries are possible cyberattacks on the banking system. -
A privacy backlash has led South Carolina to bar its health department from using smartphone contact-tracing apps. -
The first stand-alone privacy enforcement agency in the US could be established in California if voters approve in November. -
In the eyes of some privacy experts, there is no better parallel to Facebook’s acquisition of Giphy than Onavo, which collected and sold user data. -
Google's eight-figure fine from French data regulator CNIL for breaching EU privacy rules is proportionate and should be upheld. -
Private lawsuits are likely to become more frequent as China enters a new era of civil law with an expanded definition of one’s rights to the protection of personal data. -
The signatures submitted to election officials remains too close to call for a landmark privacy law to go before California voters in November.
-
As the EU marks the second anniversary of GDPR, large US tech companies should prepare for regulatory enforcement in the months ahead. -
As the Irish privacy watchdog sends its Twitter probe off to EU counterparts for review today, it will doubtless hope for quick, constructive feedback. -
Clearview AI is invoking a legal shield used by social media companies hoping to defeat Vermont privacy lawsuit -
Legislation on protection of privacy and personal data remains at the top of the agenda for members of a key Chinese policy advisory board. -
US tech giants such as Facebook are growing increasingly concerned about elements of India’s proposed data-protection law, complaining that it would trigger privacy issues for non-Indians & unreasonably restrict unfettered Internet access to teenagers approaching age 18. -
Three million Australians have downloaded the government’s CovidSafe contact tracing app in three days, as the government followed an Asia-Pacific wave. -
Smartphones’ potential in disease tracking lies in two areas: tracing populace movements, and Bluetooth-enabled proximity tracking. -
Contact-tracing apps will benefit from a “pan-European & coordinated approach” to regulation after European data-protection authorities endorsed the EC’s draft guidance. -
With Apple & Google to collaborate on covid19 tracing smartphone technology, many of the world's governments are weighing the privacy implications of using mobiles. -
Apple and Google revealed plans today to turn iOS and Android smartphones into coronavirus threat-detectors. -
Connecticut, New York, Florida and other US states are investigating whether Zoom, the videoconferencing platform that’s exploded in popularity during the Covid-19 pandemic, has violated any laws by failing to protect users’ privacy and secure its systems, the Connecticut attorney general announced. -
Equifax faces a bill of slightly more than $2 billion to settle consumer complaints stemming from the credit reporting agency’s massive 2017 data breach. -
A landmark UK ruling freed Wm Morrison Supermarkets from indirect liability for a rogue employee's data leak — but still leaves the door open for future litigation targeting companies over accidental data disclosures by employees. -
British Airways and Marriott International are expecting dramatic reductions in the multimillion-pound fines proposed as a result of major UK privacy-breach probes, company filings show, with the final decisions now not expected until later this year. -
Buried more than 50 pages into Facebook’s annual 10-K report is an item that may flag a fuller measure of the cost of its proposed $5 billion privacy settlement with the US Federal Trade Commission: Facebook is hiring a lot more lawyers. -
Novel coronavirus is the first global pandemic to arrive in an era when nearly the entire population can be tracked in real time, thanks to the ubiquity of smartphones and social media. The question facing non-authoritarian governments is how heavily to draw on that trove of private sector data in a bid to limit the deadly disease. -
California’s new consumer privacy act is likely to remain the only comprehensive data privacy law in the US for a while. -
South Korean companies targeting the US market are likely to feel the regulatory tremors created by the new privacy law in California, especially those in the gaming and IT industries, sectors where the US market is perhaps the most lucrative. -
European consumers suing Facebook in coordinated class actions in Belgium, Italy, Portugal and Spain over the Cambridge Analytica scandal are facing an uphill battle that suggests that litigation over privacy rights might not, as previously hoped, be quicker and more successful than regulatory probes. -
The global momentum around consumer data rights is arriving in New Zealand, the country’s top privacy official has said, with pressure from the financial industry for the country to introduce open banking systems only expected to grow throughout 2020. -
A trial set to begin Monday of a Russian man charged with hacking into LinkedIn and Dropbox may open a window on a shadowy international network of hackers — “a criminal clique” — that sought to use cyberattacks to manipulate financial markets as well as breach online platforms. -
When American intelligence consultant Edward Snowden revealed the breadth of personal data collection by US intelligence agencies back in 2013, many saw a massive privacy violation. Kristina Bergman saw a massive business opportunity. -
Forthcoming Irish decisions over Facebook, Twitter and other Big Tech companies for violations of EU privacy rules may well spark disagreement and "reasoned" demands for reappraisal from other regulators in the bloc, Ireland's top privacy watchdog expects. -
Google has been asked by EU data-protection authorities to conduct a privacy-impact assessment of its proposed $2.1 billion acquisition of health-tracking company Fitbit before notifying the proposed deal to the European Commission for competition approval, MLex has learned. -
Smaller businesses such as fitness studios, translation services and car-rental services operating in the central German state of Hesse should face modest fines for failing to comply with EU privacy rules, a senior official from the state's privacy regulator told MLex. -
A Democratic congressional representative from California today expressed support for federal preemption of state privacy laws and criticized his state's first-in-the-nation privacy law, pitting himself against others in the state delegation who have strongly supported the California Consumer Privacy Act. -
Google's privacy investigation in Ireland risks being less thorough than activists had hoped for, as a result of the data-protection authority's decision to frame its probe as an own-initiative action rather than a response to widespread complaints against the Internet giant. -
Cloud-based software company Salesforce and a high-end children's clothing retailer are among the first companies facing a data-breach lawsuit in federal court under California's landmark privacy law, which took effect Jan. 1. -
Companies' direct-marketing practices have come under scrutiny in Finland to check their compliance with the EU's General Data Protection Regulation, the country's deputy data-protection ombudsman has told MLex.
-
As the infant California Consumer Privacy Act marks the completion of its first month, another California privacy law is opening a new window into the shadowy data-broker industry, with about 60 companies that trade in consumer data rushing to register with the state by today's deadline.
-
Facebook's assertion that it will voluntarily pay the US Federal Trade Commission far more than the consumer protection agency could have obtained through litigation over privacy violations may, ironically, bolster critics' argument against the settlement. -
Five recent EU-US Privacy Shield violations alleged by the US Federal Trade Commission typify the regime's enforcement history that has often focused on smaller companies committing procedural violations of the international data-transfer mechanism. -
The overhaul of New Zealand's privacy laws this year is expected to catapult the country's 1993 data-protection laws into the 21st century. But the revamp will face scrutiny in the EU, where the island country will be one of the 11 jurisdictions facing a review of the bloc's adequacy decisions relating to national privacy measures this year. -
TikTok, a video-sharing app service run by ByteDance, is expected to receive a request soon from the South Korean communications regulator for information about how the service handles personal information of South Korean users as part of an ongoing probe into the service's personal-information management, MLex has learned. -
Consumer-privacy legislation reintroduced in Washington state is closely modeled after California's sweeping new privacy law, giving residents the right to access, delete and correct their personal data, as well as the right to opt out of the collection of their personal data. But there are several notable differences when it comes to regulating facial-recognition technology and giving consumers the right to sue. -
The Brazil unit of Colombian on-demand delivery startup Rappi has been targeted in a Brazilian preliminary probe into its use of clients' data to analyze purchasing trends, according to a document seen by MLex. -
Google's Brazil unit was given 10 days by the national consumer protection authority to decide whether to settle an investigation into charges it scanned e-mails sent via Gmail without users' consent, according to a document seen by MLex. -
Data referred to as "important" under China's data-protection regime, which is subject to scrutiny before being exported, is evaluated against its importance to the country, not its importance to businesses or individuals, a Chinese cybersecurity official said. -
EU telecom operators and tech companies expect the new European Commission, which took office in December, to put forward some of its digital plans in coming weeks, including rules on artificial intelligence. -
In one illustration of the data-protection movement sweeping the planet, lawmakers could pass, update or make effective new privacy laws in 2020 that would cover nearly 3 billion people — more than a third of the world's population. -
Legal challenges to California's sweeping new privacy law are inevitable.
-
Multinational companies keen to adopt EU-wide codes of conduct to show they respect data-privacy rules should get clearer guidance next year on what's needed in particular sectors — but other roadblocks to progress remain. -
Global online media platforms such as Facebook and Twitter should be required to reveal information on users that engage in “doxxing” if provided with evidence of their behavior by authorities, Hong Kong’s data protection authority has suggested as it seeks to revamp local laws. -
More complaints against data-privacy violations are expected to pop up in Brazil as society's awareness increases over data-privacy rights. -
Problems that multinational companies have faced in EU privacy probes will be picked over at a closed-door meeting in Brussels next month as part of the runup to a review of the General Data Protection Regulation next May, MLex has learned. -
Google will be be defended by the former chairwoman of the US Federal Trade Commission, Edith Ramirez, in litigation filed in the wake of the FTC’s $170 million settlement of alleged children’s privacy violations by the online ad giant’s YouTube platform. -
From entertainment to payment services, facial recognition technology is gaining popularity in China and has been adopted by both state law-enforcement agencies and commercial practices. Yet regulation of the technology’s serious security implications has been slow to catch up. -
Google’s tangle with Australia’s consumer regulator over its use of location data — something dealt with by privacy regulators in most other jurisdictions — shows that when it comes to regulating tech giants, many paths can lead to the same destination. -
UK businesses have begun a nervous wait for a final verdict in the data-breach court battle that has pitted Wm Morrison Supermarkets against an army of its employees — and that threatens far-reaching implications for any organizations handling quantities of personal data. -
Major finance, retail and media companies in Ireland are facing scrutiny from the country's data-privacy regulator over whether their use of cookies complies with data-protection laws. -
A stalkerware app developer received a rare federal rebuke today at the hands of the US Federal Trade Commission. Companies behind mobile trackers almost never face penalties despite their high rate of usage by abusers, a state of affairs that may be slow to change even after the action taken by the consumer protection agency.
-
A portrait of Facebook CEO Mark Zuckerberg as dishonest and indifferent to his company’s impact on society emerged from members of Congress within the first hour of the social media titan’s much-anticipated appearance before the House Financial Services Committee to discuss his planned digital currency, Libra. -
Parents’ claims that Amazon illegally recorded their children’s voices on Alexa-enabled devices should stay in federal court, a magistrate judge in Seattle said. -
Icelandic political parties’ use of personal data from social-media platforms such as Facebook has come under scrutiny by the country’s data-protection authority, the agency’s head said in an interview. -
Google's recent defeat in the "Safari workaround" case is unlikely to open the floodgates for a rush of similar mass UK damages lawsuits, but should still provide a roadmap for claimants — something companies accused of breaching privacy rules would do well to note. -
Microblogging platform Twitter today said it used email addresses and phone numbers provided by consumers for security purposes for advertising ends — similar to behavior that got Facebook in trouble with the Federal Trade Commission. -
Was British Airways' cybersecurity so lax that it should be held responsible for its big data breach last year? That's the fundamental case that lawyers for the swelling class of thousands of victims must make to win compensation for them. -
California’s landmark privacy law would be significantly expanded with the creation of a specialized enforcement agency and broader privacy rules for children and teenagers, under a ballot initiative to be launched by the developer who led the campaign to create the current law.
-
Malaysian carrier Malindo Air has said that two former employees of a third-party e-commerce service provider in India were responsible for stealing customer data that were later found to have been leaked online. -
Google has scored two major victories at the EU’s highest court as judges narrowed the scope of Internet users’ right to be forgotten, rejecting calls to impose the right globally and to make the delisting of sensitive personal data automatic. -
Facebook disclosed today that its investigation into the data practices of apps on its platform resulted in the banning of more than 20,000 apps, even as some app developers and congressional investigators question whether Facebook violated antitrust and other laws by altering its platform policies. -
Lion Air Group subsidiaries Malindo Air and Thai Lion Air have both suffered data breaches resulting in large amounts of customers' personal details being leaked online. -
A federal judge has rejected Facebook’s argument that users suing over the Cambridge Analytica scandal had no expectation of privacy after they shared information with their friends on social media. -
LinkedIn can’t block a data analytics company from copying and scraping public profile data posted by users of the professional social network, a US federal appeals court ruled today in affirming a lower court’s preliminary injunction granted to analytics startup hiQ. -
US technology company Oracle presented Australian competition and privacy officials with a phone using the Android operating system to demonstrate that the device communicated with Google, even though it contained no SIM card and had no apps running, according to documents obtained by MLex.
-
Legalized discrimination could return to the US as long as it’s perpetuated by machines, warn civil rights advocates alarmed at a regulatory filing by the Trump administration. -
From central Africa to central Asia to central America, the world’s developing nations are enacting data-protection laws at a steady pace, in most cases creating independent commissioners or agencies to enforce the privacy and security of personal data held by both private companies and government. -
Scour a big tech company dabbling in artificial intelligence and chances are it already has an ethics guidelines document somewhere on the company server. -
Facebook must defend privacy litigation over facial recognition technology that puts the company at risk of billions of dollars in damages, following a US appeals court’s affirmation today of two lower court decisions that the plaintiffs have standing to sue and that the massive potential damages can’t obviate certification of a victims’ class. -
elecom operator Telefônica Brasil, which operates under the brand Vivo, is facing a data-protection lawsuit in Brazil, according to documents seen by MLex. Prosecutors in the Federal District have asked a court to urgently prohibit the company from commercializing a geolocation product and to order it to produce a data-protection impact assessment. -
When British Airways and Marriott International heard that the UK's privacy watchdog planned to hit them with fines totting up to 282 million pounds ($350 million), they got a taste of its ambition to punish companies for poor security practices and breaches that led to the exposure of customers' data. -
Facebook, Microsoft, Twitter and Coca-Cola will be closely watching arguments at an EU court this month in a case that could lead to sweeping changes in how companies transfer personal data — from pay slips to health data — to countries outside the EU. -
Developers of artificial intelligence could build greater transparency into their products, but their public-sector clients aren't putting them under pressure to do so, the head of a UK review into the technology has said. -
Business groups have managed to defeat or significantly weaken a flurry of comprehensive consumer privacy bills in states across the US this year. -
The auto industry won’t have to fear new restrictions on connected cars in Nevada after winning a broad exemption from a new privacy law, in what could be a harbinger of more state-level lobbying efforts. -
TPG Telecom’s decision to scrap its planned rollout of a 5G mobile phone network as a result of a ban on Chinese telecommunications company Huawei will play a central role in an Australian court action, with lawyers for the country’s competition regulator today questioning the company’s motives. -
Google defends consent practice in Swedish data-location GDPR probe -
In developed countries, the average child spends several hours a day in front of a screen. But in a dramatic shift over the past decade, those screens are increasingly connected to the Internet via a smartphone or tablet, allowing companies to harvest and monetize personal data about those kids. -
As terrorists take advantage of social media platforms to spread propaganda, recruit followers and live-stream shooting sprees, some lawmakers around the world have decided that enough is enough. -
Huawei’s battle for acceptance in Europe can be traced back to regulatory uncertainty in an unexpected place — its home market of China. -
The Brazilian government wants to ensure that the country’s data-protection authority will have directors with varying profiles and experiences, a senior official from the Ministry of Economy told MLex. -
Technologists may have discovered a secret vulnerability in online platforms’ otherwise impenetrable legal shield. -
A large German healthcare-services company will this month be fined for breaches of EU privacy rules, the data-protection commissioner for the state of Rhineland-Palatinate has told MLex. -
The Facebook Brasil preliminary probe by federal prosecutors looking into allegations of improper collection of data in Brazil has been upgraded to a formal inquiry, according to documents seen by MLex. -
The University of Texas MD Anderson Cancer Center should have known better, a federal administrative law judge admonished in imposing a $4.3 million fine last year. Entities that hold sensitive medical and insurance data would be wise to view Anderson’s story as a cautionary tale. -
The already small chances of a bipartisan federal privacy bill becoming law this year have shrunk even further in recent weeks. -
Telecom operators and car makers in favor of cellular technology for Internet-connected vehicles have received last-minute hope after some EU lawmakers objected to draft legislation specifying WiFi-based technical communication standards, MLex has learned. -
Uber Technologies has two weeks to hand over location and log data to a group of four drivers in the UK, or face legal action or data-protection complaints for breaching the EU's privacy rules. -
Companies that transfer data between the US, EU and Japan could see a further alignment of the three data-protection regimes later this year, MLex has learned. -
Much about a proposed data privacy law for India drafted by government-appointed experts is still unclear, causing legal uncertainty on top of concerns about the prospect of hefty fines and prison sentences for violations, an executive at Intel said today. -
Companies carrying out business in New Zealand must notify the country’s privacy watchdog of data breaches if a breach has caused “serious harm or is likely to do so,” a new parliamentary report says. -
EU-based companies that send personal data to partners in the UK and haven't prepared for a no-deal Brexit scenario on March 29 risk attracting enforcement action from their local privacy regulators. -
Companies operating in China have so far largely avoided criminal liability for data-related security breaches, despite a deepening police crackdown on such lapses, but the risks associated with data crimes cannot be entirely overlooked, as companies are expected to boost compliance in face of enhanced regulation. -
Mark Zuckerberg spun 3,166 eloquent words in a blog post describing a dramatic departure for Facebook — a transformation of the social network from the “digital equivalent of a town square” to “the digital equivalent of the living room.” -
The US Federal Trade Commission is reviewing its light-touch approach to company compliance with the agency's security and privacy programs amid criticism it lets corporations such as Facebook and Google chose the terms of their own oversight. -
As Lyft, the second-largest US mobile app ride-sharing company, filed for its initial public offering today, it warned that privacy and data security would be a significant regulatory risk for the San Francisco-based company. -
Revenge porn site operators should well fear the privacy enforcement powers of the Federal Trade Commission. Other online businesses, not so much — as long as they avoid lying to consumers. -
As Facebook prepares to mark the unhappy one-year anniversary of its acknowledgement of the Cambridge Analytica privacy leak, the company faces a fateful and difficult legal decision. -
US warnings that Huawei poses a security risk and should be avoided in the rollout of high-speed Internet networks have so far failed to convince European telecom companies to abandon the Chinese company. -
Introducing a “right to erasure” as part of privacy-law changes in New Zealand would fundamentally change the public’s access to accurate information, an industry group including Amazon.com, Facebook and Google has told the country's parliament. -
Decisions on which data protection rules will be enforced in Brazil and a model for the supervising agency are still far from certain, as lawmakers this week offered amendments to the December presidential decree creating the authority. -
As Google nears a deadline to respond to a Swedish probe into whether its collection of users' location data complies with EU rules, doubts have surfaced over which regulator should handle the cross-border investigation. -
The willingness with which Japanese businesses hand over their customers' personal data to law enforcement agencies may come as a shock to some, but to many of Japan's biggest companies, voluntary transfers of such data to police and other agencies are unproblematic. -
South Korea’s communications regulator has made a request to Facebook for permission to conduct searches on the company’s servers located outside the country, MLex has learned. -
The massive Consumer Electronics Show in Las Vegas, which happens each year on neutral ground between Washington and Silicon Valley, has been a demilitarized zone where tech companies and regulators can rub elbows without rancor. -
No visitor to Uber Technologies can miss is how crowded it is. Everywhere, coders are crammed shoulder to shoulder, tapping keyboards at long, shared tables. Every glass-walled conference room is full. There are so many people moving around in the aisles that it’s hard to avoid the perception that there are more people than seats for them to work.
-
LinkedIn is locked in a heated battle with a data analytics company trying to use the social network’s publicly available data as the basis for products sold to human resources departments. The company wants to block HiQ Labs from using the data, but at a Thursday afternoon hearing in San Francisco, it was unclear where a three-judge panel on the US Court of Appeals for the Ninth Circuit would land. -
Match Group, which operates dating apps like Tinder, Hinge & OKCupid, has been fined 50,000 euros in Belgium for breaching the EU's data-protection rules.