Compliance | SC Media

Compliance

Every presidential campaign website executes suspicious third-party code

An analysis of 11 presidential campaign websites performed last September and again in December found multiple instances of potentially risky third-party code, unwanted code execution and unauthorized data tracking. According to a new report from The Media Trust, 81 percent of executing code on these websites was not internally developed, but rather from external third-party…

How privacy and security affect product design

The proliferation of new privacy and security laws imposes diverse, complicated, and at times inconsistent compliance requirements on organizations that handle personal data. Not only do these laws require the protection of individual privacy from intrusion, many of them also involve public concerns like national security and defense, protecting critical infrastructure, social interest, community safety…

antivirus

Czech authorities investigating Avast over recent data collection practices

The Czech Republic’s Office for Personal Data Protection (DPA) said in a brief statement today that it has launched a preliminary investigation into Avast Software s.r.o., following reports that the Prague-based antivirus company collected data from users of its free AV product and sold it via a separate business division. “At the moment we are…

Ringing in a new National Privacy Law?

Privacy advocates have long called for a federal privacy law and it’s coming…in the mean time, experts say complying with the CCPA will lay the groundwork for future compliance with a federal law. Like revelers packing Times Square on New Year’s Eve waiting for the ball to drop, a close teeming crowd of organizations spent the…

IllenaArmstrong

How a bill becomes a compliance ask

It takes a minute for a regulatory mandate to hit the masses. Typically, after months or even longer, of “sitting in committee,” political punting, pontificating, organizational lobbying, debating, usually lots more pontificating and punting, that a bill that may have been “sitting on Capitol Hill” (thank you, Schoolhouse Rock, you classic, you) might be signed…

Lawyers: Facebook is prepared to pay $550M to settle facial recognition lawsuit

Facebook has agreed to set aside $550 million to settle a class-action lawsuit brought by users who allege the social media company violated the Illinois Biometric Information Privacy Act (BIPA), attorneys for the plaintiffs announced on Wednesday. San Francisco Federal District Court Judge James Donato must still approve the settlement, which the lawyers claim is…

Privacy takes a hit, as storage bucket leaks cannabis dispensary POS data

A misconfigured Amazon Web Services S3 storage bucket was discovered leaking data that had been collected by a point-of-sale system used by multiple cannabis dispensaries, researchers from vpnMentor reported on Wednesday. The exposed bucket, which was found on Christmas eve and closed by Jan. 14, was found to contain more than 85,000 files. These included…

Analysis of popular apps finds rampant sharing of personal data

An analysis of 10 highly popular Android apps found what researchers are calling the “out of control” sharing of potentially sensitive information with third parties, in some cases in likely violation of Europe’s GDPR privacy regulations. The findings, which were published in a report issued by the Norwegian Consumer Council (NCC), prompted a coalition of…

Next post in Security News