European Court of Justice Planet 49 decision sets the record straight on consent for online cookies and trackers and raises some serious points for consideration by companies subject to GDPR and ePrivacy.
Data Privacy
Technological development has always outpaced privacy concerns, but never more so than in the past decade. Collection and centralization of personally identifiable information (PII), tracking of movements and digital surveillance are all at unprecedented levels. Regulations and laws are only just beginning to catch up to the ability of both governments and private entities to deploy these capabilities.
What exactly is there to worry about? The mass collection and centralization of data by giant multinationals such as Facebook and Google is as good of a place to start as any. Two decades of vacuuming up the personal data of users of various online services has created the most impressive marketing capabilities in history, but these profiles have astounding potential for damage when they are used the wrong way or fall into the wrong hands.
Unauthorized information that is captured in data breaches tends to find its way to massive “combo lists” that are sold and traded on the dark web. Social security numbers are added from this breach, home addresses and phone numbers from that one, personal health information from yet another. Soon, a frighteningly complete profile of millions of individuals is available to anyone willing to pay the asking price.
These are just the established data privacy issues. The emerging ones are even worse. High-quality facial recognition technology is just beginning to roll out across the public places of some countries. Artificial intelligence is not only making mass facial recognition possible, but magnifies the power and reach of any application that involves capturing and sorting information: scanning pictures, analyzing speech, sifting through text and location data. This threatens to not only shatter anonymity and privacy, but allow for highly advanced impersonation and take the concept of “identity theft” to new levels.
Some businesses chafe at the trouble and added expense of new and emerging data privacy regulations, but they are vital to both protecting rights and privacy and instilling confidence in end users. Customers want to be able to submit their payment information without worry about data breaches and identity theft, use services without wondering what is being done with their personal information and use devices without fear of surveillance or having location data tracked. The need for meaningful safeguards only grows greater as technological capabilities increase.
Facial recognition firm Clearview AI is facing a new lawsuit for violating Illinois state privacy laws for trawling public sources to vacuum up pictures of millions of people without consent.
U.S., U.K. and Australia urged Facebook not to extend end-to-end encryption as a default option for Facebook Messenger and Instagram as it could severely hampers efforts to crack down criminal activities.
Democracy is at risk from companies like Facebook that behave like digital gangsters. And, in fact, there are many similarities between Facebook’s behavior and recent violations and the way that “traditional gangsters” act.
While location services are inherently useful, it is how organizations that gather and use the data that may be a cause of concern for location privacy.
Apple's commitment to user privacy and human rights called into question by ignoring a second request to testify before Congress on Chinese censorship and a recent vote that saw over 40% of its shareholders express that the company should stop removing apps when the Chinese government demands it.
Expansion of China's data protection regulations will impact the smart car market in the country. The CCP has clarified terms to require this of the digital keys to smart vehicles and the data they generate.
PrivacyOps is an emerging framework that reimagines how to efficiently implement and operationalize privacy management throughout an organization in an agile manner.
As the Philippines Data Privacy Act registration deadline draws near, to be or not to be a data protection officer (DPO) is on many company officer’s mind.
The 10th anniversary of national Data Privacy Day celebrated on January 28 couldn't have come at a better time for Internet users with the past 12 months filled with stories about cyber security attacks, election meddling, state surveillance, and massive corporate data breaches.