Google filed proposed remedies in U.S. court after a federal judge ruled the company operated an illegal monopoly in the online advertising ecosystem, MediaPost reports. Potential remedies to consider include making real-time bid amounts for open web display available across rival publisher servers and Deprecating Unified Privacy Rules.
The U.S. Department of Government Efficiency is working to build a database containing individuals' data from various government agencies, raising concerns over the system's security and consent obligations, The Washington Post reports.
Latvia's Data State Inspectorate discussed what personal data a landlord is allowed to request when selecting tenants or entering into a lease agreement. The advisory information about education, salary and rental history is allowed when screening tenants but identification and financial information is only allowed when entering into a lease.Full story
Vischer Partner David Rosenthal wrote about how to secure data in the cloud to prevent unlawful intrusion by U.S. entities in light of changing data security policies and geopolitics. He expanded a standard method to assess the risk of foreign interference, which is available through an open-source Excel spreadsheet.Full story
U.S. officials are using TeleMessage software to archive conversations on the Signal app, raising concerns that sensitive national security messages could be vulnerable, The Washington Post reports. U.S. Sen.
The European Data Protection Board adopted opinions on EU adequacy measures during its most recent plenary meeting. One opinion supported the approval of the European Commission's proposed six-month extension of the U.K.'s adequacy with the EU General Data Protection Regulation and the Law Enforcement Directive.
The California Privacy Protection Agency ordered a USD345,178 fine and corrective measures to clothing retailer Todd Snyder over California Consumer Privacy Act claims. The agency alleged a technical flaw did not allow proper transmission of opt-out preferences while the retailer allegedly required identity verification to complete opt-outs.
Texas Attorney General Ken Paxton announced 30-day compliance notices were issued to several Chinese-based companies in regard to alleged Texas Data Privacy and Security Act violations. Alibaba, CapCut and TP-Link were among the companies to receive general noncompliance warnings.
The European Data Protection Supervisor denied a 2024 request by the European Investment Bank to transfer personal data to India and several non-EU countries due to the lack of adequate data protections, Moneycontrol reports, citing the EDPS' 2024 annual report. The EDPS stated India does not yet ensure an "essentially equivalent level of data protection" to the EU General Data Protection Regulation.
In an op-ed for Infosecurity Magazine, BBB National Programs Vice President for Global Privacy Initiatives and Operations Divya Sridhar writes recent actions taken by the White House have added a layer of uncertainty to U.S. firms' ability to adhere to the EU-U.S. Data Privacy Framework.