Privacy Analysis of Ambient Light Sensors

Schneier on Security

Interesting privacy analysis of the Ambient Light Sensor API. Uncategorized academic papers privacy risks security engineeringAnd a blog post. Especially note the “Lessons Learned” section.

Privacy Framework Proposed to Address HIPAA Gaps

Data Breach Today

The eHealth Initiative and the Center for Democracy and Technology are seeking feedback on their draft privacy framework that addresses gaps in legal protections for consumer health data falling outside of HIPAA's regulatory umbrella, says eHI CEO Jennifer Covich Bordenick

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Building Privacy-Centered Contact-Tracing Apps

Data Breach Today

Using privacy-by-design principles is critical to building trust in these apps, says privacy expert Ann Cavoukian Contact-tracing apps are continuing to take shape around the world as the COVID-19 pandemic continues.

Court Dismisses Privacy Case Against Google, Medical Center

Data Breach Today

But Judge Opens the Door to Filing an Amended Complaint A federal judge has dismissed a lawsuit filed last year against Google and the University of Chicago Medicine involving complex privacy and other issues related to the use of patients' de-identified electronic health record data.

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

The 'Human Element' in Privacy

Data Breach Today

Gabriel Gumbs of Spirion on Privacy Regulations and Data Classification The RSA 2020 theme was "The Human Element." Gabriel Gumbs of Spirion describes what this means in the era of privacy regulations

Privacy in the Pandemic Era

Data Breach Today

IAPP's Omer Tene on Why Privacy Issues Are More Important Than Ever Before COVID-19, the privacy discussion this year was mainly about the California Consumer Privacy Act. Omer Tene of the IAPP discusses the pandemic's influence on global privacy concerns Now it's about healthcare data sharing, contact tracing and monitoring remote workers.

NIST Privacy Framework: The Implementation Challenges

Data Breach Today

Although NIST's new privacy framework is agnostic toward any particular privacy law, "it gives organizations building blocks to help them meet any obligations under any particular law or jurisdiction" says Naomi Lefkovitz, a NIST senior privacy adviser

Facebook's Privacy Practices Targeted by Canadian Regulator

Data Breach Today

To Force Changes, Regulator Must Prove Facebook Violated Canada's Privacy Law Canada's privacy commissioner is taking Facebook to court to try and force the social network to make specific changes to its privacy practices.

Google Calendar Privacy Concerns Raised

Data Breach Today

Companies Need to Be Aware of Risks A misconfiguration in a Google Calendar function that allows Google to index calendars raises serious privacy concerns because it could lead to inadvertent, broad public exposure of calendars that contain sensitive information, including corporate details, a researcher reports

Telehealth and Coronavirus: Privacy, Security Concerns

Data Breach Today

But these providers need to carefully consider privacy and security issues as they work to quickly offer these services As Services Expand, What Factors Should Organizations Consider? To help deal with the coronavirus outbreak, healthcare providers are examining how to implement or expand the use of telehealth services to remotely evaluate and care for patients.

Canada's 2020 Privacy Outlook

Data Breach Today

Former Regulator Robin Gould-Soil on Convergence of Privacy, Security Former regulator Robin Gould-Soil has a unique perspective, with experience in both the public and private sectors. She weighs in on the convergence of privacy legislation and cybersecurity

AMA Outlines Privacy Principles for Health Data

Data Breach Today

The American Medical Association has issued a set of privacy principles for health data that it hopes Congress and regulators will keep in mind as they prepare legislation and regulations.

Telehealth After COVID-19: Privacy, Security Considerations

Data Breach Today

Congress, Others Examine Long-Term Telemedicine Issues If the lifting of telehealth restrictions during the COVID-19 pandemic becomes permanent through new legislation or changes in government policies, what would be the potential impact on patient data privacy and security

Addressing Privacy Compliance Challenges

Data Breach Today

Fatima Khan of Okta on Going Beyond GDPR Compliance Compliance with the European Union's General Data Protection Regulation is no guarantee of compliance with other privacy regulations, says Fatima Khan of Okta, who discusses the challenges

GOP Federal Privacy Bill Would Supersede CCPA

Data Breach Today

9 Apps to Boost Your Phone's Security and Privacy

WIRED Threat Level

Security Security / PrivacyAndroid and iOS are getting better about protecting your data and device. But if you're looking for an extra line of defense, these can help.

Privacy: Several States Consider New Laws

Data Breach Today

After California Takes Bold Action, Other States Ponder Privacy Protection Measures Several U.S. states are considering new legislation to shore up consumer data privacy laws in the wake of California passing strict privacy requirements last year. What's in the pipeline

'Privacy by Design' Implementation Tips

Data Breach Today

Implementing the concept of "privacy design" requires a series of critical steps, says Heikki Tolvanen, chief legal engineer at PrivacyAnt, a Finland-based privacy consulting firm, who offers insights on mistakes to avoid

Telehealth App Breach Spotlights Privacy, Security Risks

Data Breach Today

Glitch Briefly Allowed Potential Access to Patient Consultation Recordings A software error that briefly allowed individuals to access other patients' telehealth appointment recordings serves as a reminder of the potential security and privacy risks involving telemedicine applications, especially as the use of the technology soars during the COVID-19 pandemic

Risk 143

Facebook's FTC Privacy Settlement Challenged in Court

Data Breach Today

Federal Judge Still Considering Objections From Privacy Groups Six months after Facebook agreed to a landmark privacy settlement with the U.S.

Microsoft Will Apply California's Privacy Law Nationwide

Data Breach Today

Company's Move Could Influence Other Technology Companies Microsoft will apply the core rights of the California Consumer Privacy Act across all its customers in the U.S., which could nudge other technology companies in the same direction as online privacy becomes an increasing concern. The move is significant in that the technology industry has lobbied against parts of the law

COVID-19: Privacy, Security Concerns as Businesses Reopen

Data Breach Today

As businesses reopen, they need to carefully consider the privacy, security and legal implications of collecting COVID-19 related information from customers, employees and other individuals, says privacy attorney Iliana Peters of the law firm Polsinelli

Credit Card Privacy

Schneier on Security

creditcards privacy surveillanceGood article in the Washington Post on all the surveillance associated with credit card use.

Privacy Provisions Pushed for COVID-19 Relief Bill

Data Breach Today

Democratic Senators Urge Inclusion of Health Data Safeguards A group of Democratic senators is urging Senate leaders to include in the next round of coronavirus economic relief legislation provisions for protecting the privacy of COVID-19 health data

California Modifies Consumer Privacy Regulations - Again

Data Breach Today

Attorney Sadia Mirza Reviews 'Spring Cleaning' of Landmark CCPA Privacy Law Amidst the COVID-19 pandemic, California's attorney general on March 11 released a second modification of the proposed regulations to implement the California Consumer Protection Act.

IoT Privacy and Security: Will Product Labels Help Buyers?

Data Breach Today

Food-Like Labeling for Connected Devices Developed by Carnegie Mellon University With internet connectivity getting added to an increasing number of products, privacy and security risks abound. But buyers may be unaware. A team of Carnegie Mellon University researchers aims to change that, by clear labeling of connected devices and the risks they may pose

IoT 182

UK Parliament Seizes Internal Facebook Privacy Documents

Data Breach Today

court documents to reveal internal Facebook discussions about data security and privacy controls, as Parliament probes Facebook and other social media firms, as well as Russian interference and fake news

Canada Says Facebook Violated Privacy Laws

Data Breach Today

Privacy Commissioner Will Go to Court to Enforce Recommendations Canada's privacy commissioner says Facebook violated its privacy laws by failing to protect users' personal data. The commissioner plans to take Facebook to federal court for allegedly refusing to implement recommendations to strengthen its privacy framework

Zoom Still Addressing Security, Privacy Concerns

Data Breach Today

Governments, Organizations Rethink Use of Teleconference Platform As governments and organizations around the globe rethink their use of the Zoom teleconference platform as a result of ongoing privacy and security concerns, the company is making more system changes and has formed a CISO advisory board

Privacy Shield shafted – but do SCCs really deliver better privacy protections?

Data Protector

Presumably, most of the companies that have used the Privacy Shield will decide to adopt the SCC approach. I doubt whether a shift from the Privacy Shield to the SCCs will fundamentally change the protections that are afforded to the relevant individuals. Here we go again.

'Privacy by Design': Building Better Apps

Data Breach Today

Technology companies often don't build in controls to protect privacy during the application development process, says Jason Cronk, a lawyer and privacy engineer. But using "privacy by design" principles during software development can help avoid trouble, he says

COVID-19 Contact-Tracing Apps: The Privacy Issues

Data Breach Today

COVID-19 contract-tracing applications that help monitor individuals' possible exposure to those who have tested positive for the virus present a variety of privacy issues that must be addressed, says regulatory attorney Nancy Perkins

Congress to Consider Competing COVID-19 Privacy Bills

Data Breach Today

Democrats and Republicans Introduce 2 Versions of Legislation With Similar Goals As COVID-19 rages and technology firms race to develop contact-tracing apps and other digital tools to help contain the spread, congressional Democrats have followed Republicans in introducing privacy legislation aimed at protecting consumer data collected during public health emergencies

California Needlessly Reduces Privacy During COVID-19 Pandemic

Schneier on Security

breaches covid19 medicine privacyThis one isn't even related to contact tracing: On March 17, 2020, the federal government relaxed a number of telehealth-related regulatory requirements due to COVID-19.

New Mexico Sues Google Over Children's Privacy

Data Breach Today

State Alleges Data About Young Students Is Illegally Collected New Mexico is suing Google, alleging the company violates a federal child privacy law by collecting the personal data of students younger than age 13 without their parents' consent. Google rejects the lawsuit's claims, saying they are "factually incorrect

Contact-Tracing App Privacy: Apple, Google Refuse to Budge

Data Breach Today

In response, Germany is among those now backing a privacy-preserving, decentralized model Germany Changes Tack to Decentralized Model; Some US States Seek More Control Apple and Google have promised to help facilitate contact-tracing apps, but they've rejected calls to give users' location data to governments, as the U.K., France and some U.S. states are demanding.

Privacy vs Security Matters to Consider When Reopening


As the world reemerges from shutdowns due to COVID-19, organizations are balancing the need to protect their employees and customers with an obligation to protect the privacy of workers and their families. The Privacy vs Security Problem in a Post-COVID World.

Apple Addresses iPhone 11 Location Privacy Concern

Krebs on Security

Apple is rolling out a new update to its iOS operating system that addresses the location privacy issue on iPhone 11 devices that was first detailed here last month.

Ireland's Privacy Watchdog Probing Google's Data Use

Data Breach Today

Investigation Comes After Numerous Consumer Complaints Ireland's Data Protection Commission is launching an investigation into how Google uses customer data for its location services after the privacy watchdog received numerous complaints from consumer rights organizations across the European Union