Data collection and Definition - Information Management Today

Why You Should Opt Out of Sharing Data With Your Mobile Provider

Krebs on Security

MARCH 20, 2023

A new breach involving data from nine million AT&T customers is a fresh reminder that your mobile provider likely collects and shares a great deal of information about where you go and what you do with your mobile device — unless and until you affirmatively opt out of this data collection.

Customer Experience

Customer Experience Privacy Data collection Marketing

Ransomfeed – Third Quarter Report 2023 is out!

Security Affairs

FEBRUARY 13, 2024

The data collected unearthed a total of 1771 ransomware claims, with 55 recorded incidents in Italy. Throughout this period, the platform diligently tracked 185 criminal groups operating worldwide, meticulously tracing 342 servers employed for ransomware activities.

Ransomware

Ransomware Data collection Cybersecurity Information Security

Bill to Amend the Gramm-Leach-Bliley Act Introduced to Congress

Hunton Privacy

MARCH 3, 2023

Financial institutions also would be required to specify in their privacy notice a description of any NPI collected for purposes that extend beyond providing the particular financial product or service.

Privacy

Privacy Data collection Data Privacy Access

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Operation Blacksmith: Lazarus exploits Log4j flaws to deploy DLang malware

Security Affairs

DECEMBER 12, 2023

Re-fingerprinting the infected systems indicates the data collected by Lazarus via NineRAT may be shared by other APT groups and essentially resides in a different repository from the fingerprint data collected initially by Lazarus during their initial access and implant deployment phase.”

Agriculture

Agriculture Data collection Access Manufacturing

US: Florida Privacy Bill Advances

DLA Piper Privacy Matters

MARCH 18, 2021

Perhaps the most significant change to existing law is that the Bill expands the definition of “personal information” under Florida’s data breach law to include biometric information. If adopted, notably, the Bill’s definition of “personal information” applies to information about an individual and a household.

Privacy

Privacy Sales Data collection Data breaches

FTC Releases Report on Dark Patterns

Hunton Privacy

SEPTEMBER 28, 2022

Design Elements that Obscure or Subvert Privacy Choices : These dark patterns obscure consumers’ privacy choices and what those choices mean via user interfaces that: “(1) do not allow consumers to definitively reject data collection or use; (2) repeatedly prompt consumers to select settings they wish to avoid; (3) present confusing toggle settings (..)

Data collection

Data collection Sales Privacy Access

Baidu Android apps removed from Play Store because caught collecting user details

Security Affairs

NOVEMBER 24, 2020

The code found in both apps allowed to gather device data, including model, MAC address, carrier information, and IMSI (International Mobile Subscriber Identity) number. The data collection code was found in the Baidu Push SDK, used to show real-time notifications inside both apps. Unit 42 notified Baidu of this discovery.

Data collection

Data collection Privacy Security IT

European Parliament Adopts EU-U.S. Data Privacy Framework Resolution

Hunton Privacy

MAY 11, 2023

However, it goes on to opine that the principles contained in the EO as to proportionality and necessity are “not in line” with the definitions of such under EU law, nor the interpretations of such by the CJEU. authorities, law enforcement authorities would be able to access data they would otherwise have been prohibited from accessing.

Data Privacy

Data Privacy Privacy Data collection Access

Connecticut Tightens its Data Breach Notification Laws

Data Protection Report

OCTOBER 3, 2021

Effective October 1, 2021, an amendment [1] to the Connecticut General Statute concerning data privacy breaches, Section 36a-701b, will impact notification obligations in several significant ways. Expanded Definition of “Personal Information”.

Data breaches

Data breaches IT Insurance Passwords

China Issues the Second Version of the Draft of Data Security Law

Hunton Privacy

MAY 3, 2021

Article 20 stipulates that a data protection policy based on the hierarchical classification and categorization of data and the “important data catalogue” shall be established at the national level. Nonetheless, the Draft DSL does not provide the definition of important data, which may be defined in future implementing rules.

Security

Security Cybersecurity Data collection Government

U.S. Commerce Department Proposes Expansion of Information and Communications Technology and Services Review Process

Data Matters

DECEMBER 9, 2021

First, the Proposed Rule would add “connected software applications” to the definition of ICTS. The definition is broad and could encompass a wide range of software — from virtual private network services (VPNs) to mobile applications and computer games. the scope and sensitivity of the data collected.

Communications

Communications Manufacturing Risk Data collection

More New York SHIELD Act guidance

Data Protection Report

JULY 12, 2022

The NYAG faulted Wegmans on five security areas: access controls, password management, asset management, logging and monitoring, and data collection and retention. Data Collection and Retention : The affected information included checksums derived from Customers’ driver’s license numbers.

Passwords

Passwords Data collection Personal data Cloud

Autonomous Vehicles – Canada’s Current Legal Framework: Privacy (Part 4)

Data Protection Report

FEBRUARY 23, 2023

AVs currently under development can collect location data, biometric data, driver behaviour information, and information acquired through synced mobile devices (e.g., A considerable amount of the data collected by AVs could be considered personal information, and in some cases, “sensitive information.”

Privacy

Privacy Manufacturing Artificial Intelligence Data collection

California’s Data Broker Registration Deadline Looming

HL Chronicle of Data Protection

JANUARY 24, 2020

Alongside its flurry of CCPA amendments last term, the California legislature passed Assembly Bill 1202 (AB 1202), the nation’s second “data broker” registration law. AB 1202 requires “data brokers” to register with and pay an annual fee to the California Attorney General (AG). This year’s registration fee is $360. Registration.

Data collection

Data collection Insurance Privacy IT

Privacy Act Review report

Data Protection Report

FEBRUARY 23, 2023

Increased requirements for valid consent The report recommends amending the definition of ‘consent’ to provide that it must be voluntary, informed, current, specific and unambiguous. The practical effect of which would be to remove opt-out inferred consent from the data collection tool kit.

Privacy

Privacy Data collection Data breaches Government

What Is Rum data and why does it matter?

IBM Big Data Hub

DECEMBER 18, 2023

Synthetic data is a statistical representation of reality. By definition, anomalous network performance is unpredictable. RUM data provides the real-time information needed to make these decisions at network speed, optimizing applications and services in a highly granular, customizable way.

IT

IT Cloud Data collection Analytics

FTC Seeks Public Comment on Sears’ Petition to Modify Prior Order on Consumer Tracking

Hunton Privacy

NOVEMBER 16, 2017

On November 8, 2017, Sears Holding Management Corporation (“Sears”) requested that the FTC reopen and modify a 2009 Commission Order (the “Order”) settling charges that Sears inadequately disclosed the scope of consumer data collected through the company’s software application.

Data collection

Data collection IT Privacy

Hong Kong: Important changes proposed to Hong Kong’s data protection law

DLA Piper Privacy Matters

FEBRUARY 28, 2020

Mandatory data retention policy – organisations would need to formulate – and publish – a clear retention policy which specifies a retention period for the personal data collected. Direct regulation of data processors – direct liability for data security, data retention, and data breach notification.

Paper

Paper Personal data Data breaches Data collection

Consultation paper published on Hong Kong’s data protection law

Data Protection Report

JANUARY 16, 2020

As such, the Paper proposes requiring data users to have in place a clear retention policy that specifies: a maximum retention period for different categories of personal data collected; legal requirements that may affect the retention periods (for example, tax, employment and medical regulations); and.

Paper

Paper Personal data Data breaches Privacy

What is a business glossary?

Collibra

MARCH 3, 2021

Those definitions form part of a business ontology – helping organizations understand how different terms relate to one another. . This definition is specific enough to capture the relationship between entities, but also sufficiently open to accommodate potential differences in interpretation. Enforce the use of data standards.

Metadata

Metadata Retail Government Communications

California DoJ Sets March 8 Deadline for CCPA Pre-Rulemaking Comments

HL Chronicle of Data Protection

FEBRUARY 4, 2019

Updating as needed the categories of personal information expressly enumerated in the definition of personal information in order address changes in technology, data collection practices, obstacles to implementation, and privacy concerns.

Data collection

Data collection Sales Privacy Government

Takeaways From CCPA Public Forums

Data Matters

FEBRUARY 12, 2019

The forums won’t likely provide definitive answers, they will likely provide some of the best information available. Updating as needed additional categories of personal information to those enumerated in the bill in order to address changes in technology, data collection practices, obstacles to implementation, and privacy concerns.

Sales

Sales Privacy Data Privacy Compliance

MY TAKE: Why monetizing data lakes will require applying ‘attribute-based’ access rules to encryption

The Last Watchdog

JUNE 2, 2021

The amount of data in the world topped an astounding 59 zetabytes in 2020, much of it pooling in data lakes. We’ve barely scratched the surface of applying artificial intelligence and advanced data analytics to the raw data collecting in these gargantuan cloud-storage structures erected by Amazon, Microsoft and Google.

Encryption

Encryption Access Artificial Intelligence IoT

Belgian Data Protection Authority Releases Direct Marketing Recommendation

Hunton Privacy

FEBRUARY 25, 2020

Some of the key takeaways from the Recommendation include: Definition. Importantly, the Recommendation clarifies that advertising banners, which randomly appear on the Internet, do not fall within the definition of direct marketing. Purchase , Rental and Enrichment of Personal Data. Right to Object.

Marketing

Marketing Personal data GDPR Communications

International Women’s Day 2021: Celebrating Diversity and Inclusiveness

Thales Cloud Protection & Licensing

MARCH 7, 2021

I was definitely having thoughts about leaving the work force, but the more I thought about it (and talked with other moms!), I think that there is definitely less marginalizing and discrimination against women these days, although I still see it and even experience it from time to time. I couldn’t get to every assignment.

Encryption

Encryption Sales Data collection IT

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

Second, a comprehensive inventory makes it easier to comply with user requests to share, update, or delete their data. Children’s data cannot be processed without parental consent, and organizations need mechanisms to verify the ages of data subjects and the identities of their parents. Consents cannot be bundled, either.

GDPR

GDPR Compliance Personal data Privacy

California Department of Justice to Hold Six Public Forums on the CCPA

HL Chronicle of Data Protection

JANUARY 7, 2019

Updating as needed the categories of personal information expressly enumerated in the definition of personal information in order address changes in technology, data collection practices, obstacles to implementation, and privacy concerns.

Data collection

Data collection Privacy Sales Government

Belgium: ePrivacy proposal in progress: Council agrees on its position to start off ‘trilogue’ negotiations

DLA Piper Privacy Matters

FEBRUARY 16, 2021

The Draft sets forth several modifications regarding metadata processing and subjects this category of data to specific obligations. In a nutshell, the most important changes currently contemplated are the following: clarification of the covered metadata’s definition. compatible further processing of metadata.

Metadata

Metadata GDPR IT Communications

NTIA Seeks Public Comment on Approach to Consumer Privacy with an Eye Toward Building Better Privacy Protections

Hunton Privacy

SEPTEMBER 28, 2018

Do any terms used in the approach require more precise definitions, including suggestions for better definitions and additional terms? Are there any aspects of the approach that may be achieved by other means, such as through statutory changes? companies to provide goods and services in those countries?

Privacy

Privacy Data collection Risk Data Privacy

Federal and State Authorities Increase Scrutiny and Enforcement of Children’s Privacy; Google, YouTube Agree to Pay a Record $170 Million Fine

Data Matters

NOVEMBER 8, 2019

Specifically, the FTC and New York Attorney General alleged that Youtube hosts numerous channels that met COPPA’s definition of a site “directed to children” and that Youtube was aware that a significant percentage of users were children under the age of 13. Additionally, Youtube stated that it will no longer permit personalized ads (e.g.

Privacy

Privacy Data collection Compliance Sales

Consultation paper published on Hong Kong’s data protection law

Data Protection Report

JANUARY 16, 2020

As such, the Paper proposes requiring data users to have in place a clear retention policy that specifies: a maximum retention period for different categories of personal data collected; legal requirements that may affect the retention periods (for example, tax, employment and medical regulations); and.

Paper

Paper Personal data Data breaches Privacy

BIPA Lawsuit Proceeds Against Apple in Federal Court

Hunton Privacy

NOVEMBER 18, 2020

The Judge concluded that, at this point in the litigation, questions of fact remained as to the data collected by the facial recognition technology and it is not yet clear whether BIPA applies. Specifically, she pointed out that BIPA “exhaustively” defines biometric information and scans of face geometry are included in the definition.

Data collection

Data collection Privacy IT Information Security

Final California Consumer Privacy Act Amendments Bring Practical Changes (But Your Business May Now Be a California “Data Broker”)

Data Matters

SEPTEMBER 17, 2019

Personal information in credit reports and other data covered by the Fair Credit Reporting Act is also largely exempt. And aggregate or deidentified information definitively does not qualify as CCPA personal information. The Attorney General will publish registration information provided by data brokers on a publicly available webpage.

Privacy

Privacy B2B Sales Compliance

Facebook Has No Idea What Data It Has

Schneier on Security

SEPTEMBER 8, 2022

“And the thing I struggle with here is in order to find gaps in what may not be in DYI file, you would by definition need to do even more work than was done to generate the DYI files in the first place.” ” The systemic fogginess of Facebook’s data storage made answering even the most basic question futile.

IT

IT Data collection

10 Tips on how to improve data quality

Collibra

SEPTEMBER 16, 2022

Organization-wide data-driven culture follows a specific set of values, behaviors, and norms that enable the effective use of data. Naturally, it needs a buy-in from everyone to acknowledge their role in data quality. The following methods to enhance data quality in research can help deliver trusted data.

Customer Experience

Customer Experience Data collection Analytics Communications

China’s First Data Protection Measures Lifting Its Veils

HL Chronicle of Data Protection

JUNE 13, 2019

The scope of application of the Data Security Measures. The scope of application of the Data Security Measures. The data covered by the Data Security Measures includes personal data and important data. Requirements for personal data collection statements.

Personal data

Personal data IT Data collection Compliance

GDPR compliance checklist

IBM Big Data Hub

JANUARY 22, 2024

The only data processing activities exempt from the GDPR are national security or law enforcement activities and purely personal uses of data. Useful definitions The GDPR uses some specific terminology. The GDPR defines personal data as any information relating to an identifiable human being.

GDPR

GDPR Compliance Personal data Privacy

US: CPRA analysis: The ‘good’ and ‘bad’ news for CCPA-regulated ‘businesses’

DLA Piper Privacy Matters

MAY 11, 2020

Create an operationally significant limited exception to deletion and access rights for many types of unstructured data. Amend the second threshold of the definition of a “business” to remove “devices.” Clarify that businesses may offer loyalty, rewards, premium features, discounts or club card programs.

Privacy

Privacy Unstructured data Access Data collection

Developments in Health Privacy and Cybersecurity Policy and Regulation: OCR Issues Cybersecurity Warnings and New Health Data Legislation Is Introduced

Data Matters

MARCH 28, 2022

See 45 CFR 164.308(a)(1)(ii)(A)-(B): Implementation Specification: Risk Analysis (required), Implementation Specification: Risk Management (required); see also 45 CFR 164.304 (definition of “Availability”). implement stronger authentication solutions, such as multi-factor authentication. 45 CFR 164.308(a)(5)(i).

Cybersecurity

Cybersecurity Privacy Insurance Risk

EDPB’s New Guidelines – Clinical Trials in the EU and COVID-19

HL Chronicle of Data Protection

MAY 1, 2020

As foreseen in the GDPR, there are several scenarios under which the processing of personal data for scientific research is allowed while guarantying the fundamental rights to privacy and personal data protection. recent trip or presence in a region where COVID-19 is widespread).

GDPR

GDPR Personal data Privacy Data collection

Back At The Negotiating Table: CCPA Amendments Debate Continues

Data Protection Report

JULY 16, 2019

Takeaway : While businesses may no longer have to tie the value of a consumer’s data to goods or services, they will be prohibited from selling data collected in connection with customer loyalty programs. Changes to Definition of Personal Information Bill Fails But Is Held for Reconsideration.

Privacy

Privacy B2B Data breaches Data collection

Update of Japan’s Privacy Law Approved by Cabinet

HL Chronicle of Data Protection

MARCH 31, 2020

Right of data subjects to demand disclosure of data: The amendments would broaden the types of retained data (i.e., data retained for less than 6 months will be included in the definition of the retained data) a data handler must disclose to a data subject upon request.

Privacy

Privacy Personal data Big data Data collection

Overview of Thailand Draft Personal Data Protection Act

Data Protection Report

AUGUST 6, 2018

The Draft Act has been revised to replicate many of the concepts and obligations which are common across global data protection laws and in particular the GDPR. Key definitions. Data controller ” is a person (whether a natural or legal person) who has authority to make decisions on collection, usage or disclosure of Personal Data.

Personal data

Personal data Data collection Compliance GDPR

Spanish DPA Publishes Guide for Satisfying PbD Obligation

HL Chronicle of Data Protection

NOVEMBER 6, 2019

This relates to the GDPR principles of data minimisation, storage limitation, and integrity and confidentiality. Privacy Engineering entails three major stages: Privacy requirements definition: Specify the privacy properties, concept and requirements to be fulfilled by the system.

GDPR

GDPR Personal data Privacy Risk

Why You Should Opt Out of Sharing Data With Your Mobile Provider

Ransomfeed – Third Quarter Report 2023 is out!

Webinars

Trending Sources

Bill to Amend the Gramm-Leach-Bliley Act Introduced to Congress

Webinars

Operation Blacksmith: Lazarus exploits Log4j flaws to deploy DLang malware

US: Florida Privacy Bill Advances

FTC Releases Report on Dark Patterns

Baidu Android apps removed from Play Store because caught collecting user details

European Parliament Adopts EU-U.S. Data Privacy Framework Resolution

Connecticut Tightens its Data Breach Notification Laws

China Issues the Second Version of the Draft of Data Security Law

U.S. Commerce Department Proposes Expansion of Information and Communications Technology and Services Review Process

More New York SHIELD Act guidance

Autonomous Vehicles – Canada’s Current Legal Framework: Privacy (Part 4)

California’s Data Broker Registration Deadline Looming

Privacy Act Review report

What Is Rum data and why does it matter?

FTC Seeks Public Comment on Sears’ Petition to Modify Prior Order on Consumer Tracking

Hong Kong: Important changes proposed to Hong Kong’s data protection law

Consultation paper published on Hong Kong’s data protection law

What is a business glossary?

California DoJ Sets March 8 Deadline for CCPA Pre-Rulemaking Comments

Takeaways From CCPA Public Forums

MY TAKE: Why monetizing data lakes will require applying ‘attribute-based’ access rules to encryption

Belgian Data Protection Authority Releases Direct Marketing Recommendation

International Women’s Day 2021: Celebrating Diversity and Inclusiveness

How to implement the General Data Protection Regulation (GDPR)

California Department of Justice to Hold Six Public Forums on the CCPA

Belgium: ePrivacy proposal in progress: Council agrees on its position to start off ‘trilogue’ negotiations

NTIA Seeks Public Comment on Approach to Consumer Privacy with an Eye Toward Building Better Privacy Protections

Federal and State Authorities Increase Scrutiny and Enforcement of Children’s Privacy; Google, YouTube Agree to Pay a Record $170 Million Fine

Consultation paper published on Hong Kong’s data protection law

BIPA Lawsuit Proceeds Against Apple in Federal Court

Final California Consumer Privacy Act Amendments Bring Practical Changes (But Your Business May Now Be a California “Data Broker”)

Facebook Has No Idea What Data It Has

10 Tips on how to improve data quality

China’s First Data Protection Measures Lifting Its Veils

GDPR compliance checklist

US: CPRA analysis: The ‘good’ and ‘bad’ news for CCPA-regulated ‘businesses’

Developments in Health Privacy and Cybersecurity Policy and Regulation: OCR Issues Cybersecurity Warnings and New Health Data Legislation Is Introduced

EDPB’s New Guidelines – Clinical Trials in the EU and COVID-19

Back At The Negotiating Table: CCPA Amendments Debate Continues

Update of Japan’s Privacy Law Approved by Cabinet

Overview of Thailand Draft Personal Data Protection Act

Spanish DPA Publishes Guide for Satisfying PbD Obligation

Stay Connected