Amazon and Microsoft were granted summary judgment in a federal lawsuit that alleged its use of IBM’s Diversity in Faces Dataset violated the Illinois Biometric Information Privacy Act, Biometric Update reports. The complaint against the companies alleged the Diversity in Faces Dataset contained biometric data obtained without the permission of two Illinois residents.
A London-based cybersecurity startup hopes to take human error out of data breaches, Reuters reports. OutThink announced it raised $10 million in early-stage investments, primarily bankrolled by venture capital firm AlbionVC.
A U.S. District Court magistrate recently recommended a sub-class of California residents in a class-action data breach lawsuit receive enhanced damages over other members, Reuters reports. The magistrate ruled the California Consumer Privacy Act allows that victims of breaches could receive compensation of $100 to $750, but victims in other states may only be eligible to receive “incidental” damages. As a result, California class members in the data breach lawsuit against Dickey’s Barbeque Restaurants may receive $100 each, double what non-California residents may get.
The U.S. Supreme Court decision to overturn Roe v. Wade resulted in data brokers becoming key cogs in some states’ efforts to criminalize reproductive health care, Duke University graduate Joanne Kim and undergrad student Aden Klein write in the Technology Policy Press. They said that beyond personal data obtained from period tracker health applications, data brokers “have already been outed for selling data on pregnant women and abortion-relation information.” Both writers previously worked on Duke’s data brokerage research project.
The EU and the U.S. continue to make progress toward a finalized agreement on trans-Atlantic data flows. The IAPP Resource Center has a topic page dedicated to keeping privacy professionals apprised of the latest developments related to the EU-U.S. Data Privacy Framework. The page will be updated on a rolling basis with guidance, analysis and resources covering obligations and commitments under the proposed framework.
German members of European Parliament came out against strength of measures included in the U.S. executive order to stand up the EU-U.S. Data Privacy Framework, Netzpolitik reports. MEP Birgit Sippel said the new measures are a sign of progress to address national security issues previously cited by the Court of Justice of the European Union, but "further legislative measures in the (U.S.)" will be necessary.
Japan's data protection authority, the Personal Information Protection Commission, released a data mapping toolkit for private entities. The PIPC said the new resource is aimed at "organizing the data handled by the business as a whole and visualizing the handling situation." The regulator indicated the toolkit was created in response to increased data handling among organizations and the "increasing need to properly manage that data."Full Story
The Digital Advertising Alliance of Canada announced changes to compliance principles for its AdChoices self-regulatory program for interest-based advertising. The updates include adoption of interest-based advertising terming versus behavioral advertising, a "plain language notice" concept, and notice requirements when using a consent management provider. Multiple Canadian privacy laws and the proposed Bill C-27, the Digital Charter Implementation Act of 2022, were reviewed to formulate the updates.
Twitter is asking a judge in the U.S. District Court in the Northern District of California to dismiss a class-action complaint claiming the company collected users’ contact data for security purposes and used it for advertisement targeting, MediaPost reports. The company said its use of the data was consistent with its privacy policy and that it “did not sell — or even disclose” the plaintiff’s information to advertisers. The complaint follows the U.S.
Gizmodo reports U.S.-based security firm Disconnect released its "Do Not Track Kids" tool, which provides children's privacy education while simultaneously blocking online tracking of minors. The application can be installed on a device to immediately block the trackers from third-party apps and those sent to email inboxes while also blocking cryptocurrency miners. The app also encrypts and filters domain name systems to shield from telecommunications and internet service provider tracking.