Privacy after Roe, an FTC enforcement action, a federal privacy legislation update ... and more!
Privacy after Roe
Runa Sandvik on TechCrunch (techcrunch.com)
Sandvik looks at court records of cases between 2011 and 2022 to examine how police in the U.S. use text messages, emails, search history to prosecute people seeking abortions. This kind of detailed examination is valuable to see whether legislation intended to protect people seeking abortions is effective – and highlights the need for Washington state's Shield Law's protections against out-of-state law investigations as well as My Health My Data's requirements for websites to get consent before sharing health information with Facebook and Google.
Automated Decision Systems
Marvin van Bekkum and Frederik Zuiderveen Borgesius on International Association of Privacy Professionals (iapp.org)
This article summarizes the authors' paper on whether collecting special categories of personal data could help debias artificial intelligence, and their arguments for and against a new exemption.
Eve Gaumond and Catherine Régis on Lawfare (lawfareblog.com)
Artificial intelligence can significantly impact human rights—both positively and negatively. Human rights impact assessments conceived specifically for AI are needed to prevent potential harms and reap the benefits of the technology.
on NIST (nist.gov)
New guidance seeks to cultivate trust in AI technologies and promote AI innovation while mitigating risk.=
Kate Santaliz on NBC News (nbcnews.com)
The California Democrat, one of a handful of members with a computer science background, wants a nonpartisan commission to recommend new regulations for artificial intelligence.
Thomas Germain on Gizmodo (gizmodo.com)
As well as a $1.5 million fine, GoodRx has agreed to a first-of-its-kind provision banning the company from sharing health data with third parties for ads. As Germain reports:
"GoodRx’s privacy problems were first uncovered by this reporter in an investigation with Consumer Reports, followed by a similar report in Gizmodo. At the time, if you looked up Viagra, Prozac, PrEP, or any other medication, GoodRx would tell Facebook, Google, and a variety of companies in the ad business, such as Criteo, Branch, and Twilio. GoodRx wasn’t selling the data. Instead, it shared the information so those companies could help GoodRx target its own customers with ads for more drugs. According to the FTC, that’s illegal."
- FTC Enforcement Action to Bar GoodRx from Sharing Consumers’ Sensitive Health Info for Advertising, the Federal Trade Commission (ftc.gov)
Jessica Lyons Hardcastle on The Register (theregister.com)
California's attorney general Rob Bonta has sent letters to businesses with mobile apps that (allegedly) ignore opt-out requests or sell users' data. The letters focus on retail, travel and food service apps.
Natasha Lomas on TechCrunch (techcrunch.com)
In what looks like a meaningful -- and long overdue -- reforming step, the European Commission has committed to dial up its monitoring of how data protection authorities at the EU Member State level enforce the bloc’s flagship data protection rules against Big Tech.
- Europe-wide overhaul of GDPR monitoring triggered by ICCL, Johnny Ryan on Irish Council for Civil Liberties (iccl.ie)
- EU vows to get tougher on Big Tech privacy violations, Jon Fingas on Engadget (engadget.com)
Federal Privacy Legislation
Cobun Zweifel-Keegan on International Association of Privacy Professionals (iapp.org)
IAPP's Managing Director discusses last week's Future of Data Privacy and Security in the 118th Congress, hosted by R Street.
"Like dormant sugar maple trees, policymakers are just beginning to wake up as the days lengthen into the new term. Whether innovation, competitiveness, safety, security or even pure privacy concerns drive the narrative, the policy discourse is tapped and ready to flow in 2023."
Sally Ho and Garance Burke on Associated Press (apnews.com)
The Justice Department has been scrutinizing a controversial artificial intelligence tool used by a Pittsburgh-area child protective services agency following concerns that it could result in discrimination against families with disabilities.
Anna-Catherine Brigida on Coda Story (codastory.com)
How big-name monitoring software from companies like Cellebrite and Palantir made Honduras a hotbed of spy tech.
Rishi Iyengar on Foreign Policy (foreignpolicy.com)
Silicon Valley has spent years courting India, but its companies face an increasingly tricky censorship minefield in the world’s largest democracy.
Carly Page on TechCrunch (techcrunch.com)
The virtual cell service said customers’ data was exposed following “suspicious activity” relating to its primary network provider.
Thomas Germain on Gizmodo (gizmodo.com)
Full Throttle is launching a new, souped-up tracker as Google moves to kill third-party cookies.
Melissa Heikkilä on MIT Technology Review (technologyreview.com)
Large language models are trained on troves of personal data hoovered from the internet. So I wanted to know: What does it have on me?
Laura Kayali on POLITICO (politico.eu)
A majority of senators voted against introducing facial recognition.
Matt Perault on Lawfare (lawfareblog.com)
Last week, senior TikTok executives held a private briefing to review the details of Project Texas and the contours of the national security agreement it is negotiating with the U.S. government.
Office of the Privacy Commissioner of Canada (priv.gc.ca)
Charles Rusnell on The Tyee (thetyee.ca)
Shandro’s testimony allegedly violated the privacy of a witness by referencing secrets he gained in an official role.
Wojciech Wiewiórowski on EURACTIV (euractiv.com)
Privacy and data protection are part of the human rights too often suspended at the borders of the European Union - as long as we continue treating migration as a ‘problem’, fundamental rights will remain compromised, Wojciech Wiewiórowski writes.
Highly intrusive spyware threatens the essence of human rights - Commissioner for Human Rights - publi.coe.int
Council of Europe on Council of Europe (coe.int)
Brazil’s Telecom Operators Made Strides and Had Shortcomings in Internet Lab’s New Report on User Privacy Practices
Karen Gullo and Veridiana Alimonti on Electronic Frontier Foundation (eff.org)
Brazil’s biggest internet connection providers made moderate advances in protecting customer data and being transparent about their privacy practices, but fell short on meeting certain requirements for upholding users’ rights under Brazil’s data protection law, according to InternetLab’s 2022 Quem..…
the Premerger Notification Office Staff on Federal Trade Commission (ftc.gov)
The Federal Trade Commission has finalized its order with education technology provider Chegg Inc.
Julia Angwin on The Markup (themarkup.org)
A conversation with Arvind Narayanan
David Hoffman on Lawfare (lawfareblog.com)
Today is Data Privacy Day, an annual event in which I am — rather proudly — personally invested. Data Privacy Day began with a conversation at my dinner table eight years ago, when Leonardo Cervera Navas (then with the European Commission and now with the European Data Protection Supervisor’s office…
Thomas Claburn on The Register (theregister.com)
What’s allowed for Cupertino is verboten for everyone else
Divsha Bhat on Gulf Business (gulfbusiness.com)
Privacy can become a selling point and a source of value, especially when it is implemented by design and not reactively.
Thad Rueter on GovTech (govtech.com)
This year’s Data Privacy Week drew attention to the increasing role that cybersecurity is playing for government. Public agencies are responding via new hiring but still face big challenges.
Rebeka Zeljko on The California Aggie (theaggie.org)
An interesting article in UC Davis' campus newspaper looks at invasive technologies and how they manifest in day-to-day life, with perspectives from students as well as the school's academic associate director for academic technology services.
Shannon Knapp on JD Supra (jdsupra.com)
Expect another year of regulatory ambiguity for international data privacy laws in 2023, as the European Commission reviews the EU-US Data Privacy...
Joy Powers on WUWM (wuwm.com)
Michael Zimmer, the director of the Center for Data, Ethics and Society at Marquette University, comments on the recent common bans of TikTok among U.S. governments.
Romain Dillet on TechCrunch (techcrunch.com)
Jumbo, an app that lets you control your privacy on the web, is hitting the reset button — sort of. While the company is still focused on privacy and security, users can now download and use all features for free as the premium subscription is gone. In addition to this pricing update, Jumbo’s newest…
Isabel Cameron on Latest Retail Technology News From Across The Globe - Charged (chargedretail.co.uk)
Just 16% of UK consumers feel completely confident in managing their data privacy and security online according to security company Ring.
Abraham Díaz on The National Law Review (natlawreview.com)
In the frame of the International Data Privacy Day celebrated around the world every January 28, it is worthy to remember the relevance gained worldwide by this subject matter as time goes by, as well
Small business spending on data privacy up 17% in 2022, higher than medium, large firms: Cisco study
MSME Desk on Financialexpress (financialexpress.com)
Spending at larger organizations remained relatively unchanged after steep increases from 2019 to 2020, the study said. The average privacy spending was $2.7 million in 2022.
George Slover on Center for Democracy and Technology (cdt.org)
CDT's comments in response to the National Telecommunications and Information Administration’s (NTIA) request for input on the state of competition in the mobile apps marketplace highlight the need for improvement, with just two platform ecosystems, Apple and Google, controlling the key delivery pipelines that connect app developers to app users.
Christina Tabacco on Law Street Media (lawstreetmedia.com)
Does the federal Children’s Online Privacy Protection Act (COPPA) preempt state invasion of privacy and consumer protection laws? Google and YouTube think so. We'll see what the judge says.