Privacy & Compliance | SC Media Privacy & Compliance

Privacy & Compliance

Dutch Data Protection Authority chips away at ‘cookie walls,’ declaring they violate GDPR

Websites that restrict visitors from viewing and interacting with their content unless they first accept the use of cookies that track their browsing activities are violating the terms of the European Union’s General Data Protection Regulation (GDPR), the Netherlands’ Dutch Data Protection Authority (DDPA) has determined. Also known as the Autoriteit Persoonsgegevens (AP), the DDPA…

Meeting GDPR standards doesn’t guarantee Calif. privacy law compliance, experts warn

Soon to be the most restrictive privacy law in the U.S., the California Consumer Privacy Act is set to take effect in January 2020. And companies that sit back and assume their compliance with GDPR is enough to meet the new legislation’s high expectations are in for a rude awakening, warned a panel of privacy…

Is PSD2 the next GDPR? Not quite, but…(video)

The finance, banking and payment services industries have until September 2019 to comply with PSD2, a revised set of European Union regulations that give consumers more options and safer ways to make payments online. At RSA 2019, Geoff Sanders, director of product at anti-fraud and MFA company iovation (and former co-founder and CEO of iovation…

Report: Apple demands companies obtain consent before recording users’ app sessions

Apple has reportedly issued an ultimatum to companies that rely on “session replay” tools to track the way users interact with their iPhone apps: disclose the practice and seek explicit consent for it, or be removed from the app store. Apple’s mandate comes after a TechCrunch report last Wednesday revealed that Air Canada, Hollister, Expedia,…

Amazon Logo

National Enquirer threat to reveal intimate Bezos pics trains focus on privacy protection

By going public with alleged extortion attempts, Amazon CEO Jeff Bezos may have thwarted the National Enquirer’s attempts to quash the Washington Post’s probe into the tabloid media company’s practices, but the incident also turned a harsh spotlight on unethical, potentially illegal acts and ratcheted up concerns about privacy. In a Thursday blog post, Bezos…

Airline e-ticketing vulnerability exposes passenger PII

A vulnerability in numerous airline e-ticketing systems can expose customer data via unencrypted check-in links that hackers can easily intercept, researchers at Wandera said. “The intercepted and unencrypted links enable unauthorized third parties to view, and in some cases even change, a user’s flight booking details, and/or print their boarding passes,” the researchers, who discovered…

facebook

Germany bans Facebook from combining user data without permission

Germany’s Federal Cartel Office, or Bundeskartellamt, on Thursday banned Facebook from combining user data from its various platforms such as WhatsApp and Instagram without explicit user permission. The decision, which comes as the result of a nearly three-year antitrust investigation into Facebook’s data gathering practices, also bans the social media company from gleaning user data…

Amazon’s Ring allegedly let employees access customer video feeds

Amazon’s Ring devices reportedly granted the company’s Ukraine-based research and development team as well as U.S. executives and engineers virtually unfettered round the clock access to live feeds from some customer’s cameras, claims which Ring denies. The workers, regardless of whether they needed the information or not, allegedly had access to a folder on Amazon’s…

Federal appeals court says police must get warrants for wireless location data

Report: Wireless geolocation data being resold to unauthorized parties

U.S. mobile carriers T-Mobile, Sprint and AT&T have been sharing customers’ geolocation information with third-party partners, who go on to sell that data to additional companies until it winds up in the hands of unauthorized individuals. Citing anonymous sources, a new exposé from Motherboard focuses heavily on the credit reporting company MicroBilt, which is known to purchase carrier…

California forecast: Mostly sunny with a chance of a Weather Channel privacy lawsuit

The State of California is suing The Weather Company (TWC) for allegedly misleading users about why their extremely precise location data was needed. The lawsuit claims TWC  told its users that it collects data to personalize alerts and forecast but in reality, uses the data to profit from the selling of location data to advertisers,…

Next post in Security News