Data Protection

Threads platform “hacker’s dream”

Meta’s new social media platform, Threads, is gobbling up massive amounts of sensitive data on its subscribers, now totalling 100 million and counting. the platform falls under the California parent company’s general privacy policy which permits collection of an array of subscribers’ information from sign-up to which sites are clicked, who is “friended” and what type of device used to access Threads. [node:read-more:link]

Amazon fined for privacy violations

Amazon has agreed to pay a $25 million penalty to settle U.S. Federal Trade Commission allegations it violated a child privacy law and deceived parents by retaining voice and location data recorded by its Alexa voice assistant. The Seattle-based company will refund $5.8 million to customers for alleged privacy violations involving its doorbell cameras. [node:read-more:link]

The Need for Zero Trust Protection

Is your organization prepared and ­protected against IT security risks? Not surprisingly, Zero Trust has risen in prominence as a means to protect an organization’s data and people – especially as remote work and cloud-based services become the norm. [node:read-more:link]

Hydro-Québec hacked

A pro-Russia hacker group has claimed responsibility for a cyberattack on Hydro-Québec early today. A utility spokesperson said “our security quickly detected the attack therefore our critical systems were not impacted” and no personal data was compromised. [node:read-more:link]

TikTok fined in Britain

The U.K. Information Commissioner’s Office confirmed today that it has fined Chinese-owned TikTok ‎‎£‎12.7 million for misusing children’s data and violating other privacy rules. Among other things, the ICO said TikTok had permitted as any as 1.4 million British children under 13 to use the app in 2020 despite the platform’s own rules prohibiting that demographic from creating accounts. [node:read-more:link]

Australia to ban TikTok

Security concerns have prompted Australia to follow its partners in the Five Eyes security group in prohibiting the use of TikTok on government devices. Attorney Attorney General Mark Dreyfus said today that the ban would take effect “as soon as practicable” but that there could be exceptions. [node:read-more:link]

Tighter rules for university researchers

Confirmation that Canadian university researchers have collaborated with military scientists in China has prompted Innovation, Science and Industry Minister François-Philippe Champagne to promise tighter national-security requirements “shortly.” He also noted, however, that universities are a provincial jurisdiction. [node:read-more:link]

Secrecy classification overdone

U.S. National Security Director Avril Haines says that ongoing investigations into the handling of sensitive documents by former U.S. presidents and vice- presidents highlight problems with “over-classification” protocols. “We must keep certain information secret or we will not be able to do our job in the intelligence community,” she said, suggesting it is overdone. “It does have to meet a national security standard.” [node:read-more:link]

Greens mishandled membership data

Personal information on thousands of Green Party of Canada members and supporters were published online for an indefinite period of time in violation of the party’s own rules but the party closed down access to the Google Drive document January 26. Anne Cavoukian, a former Ontario information and privacy commissioner, called it an “appalling” breach of trust [node:read-more:link]

Home Depot shared consumer data

Federal Privacy Commissioner Philippe Dufresne disclosed January 26 that Home Depot shared details from customers’ electronic receipts with Meta, the corporate parent of the Facebook social media platform. The information included encoded email addresses and purchase details which the social media used to target the chain’s customers with specific advertising. [node:read-more:link]

RCMP’s China-linked deal suspended

Public Safety Minister Marco Mendicino’s office said today that the government has suspended a contract with a Toronto-area company, Sinclair Technologies, to supply the RCMP with communications equipment designed to prevent eavesdropping. The company’s corporate parent in B.C., Norsat International, is owned by a Chinese entity the U.S. considers an “unacceptable” national security risk. [node:read-more:link]

Tik Tok labelled a security threat

U.S. Treasury Secretary Janet Yellen says the globally popular Chinese-owned video-sharing app TikTok poses “legitimate national security concerns” due to the potential for the Chinese Communist Party to gain access to users’ data or expose them to propaganda. The globally-popular platform and its Beijing parent, Byte Dance, are being investigated by her department’s foreign investment committee. [node:read-more:link]

Mega-fine for Meta after hack

Facebook’s parent company, Meta, has been fined €265 million by Ireland’s Data Protection Commission after an inquiry showed that search and contact-importing tools for Messenger and Instagram was used to extract customer data between May 2018 and September 2019. A total of 533 million customers in 106 countries were affected. [node:read-more:link]

Apple discloses IOS vulnerabilities

Users of iPhones, iPads, iMacs and some older iPods are being advised to update their operating systems after Apple disclosed two vulnerabilities which could give hackers “full admin access” to the devices. Issued last week, the disclosure evidently received little attention outside of technical publications and Apple explained only that the problem has been discovered by an anonymous researcher. [node:read-more:link]


Subscribe to RSS - Data Protection