- The ICO has warned organisations to refrain from using blind carbon copy function when sending emails that contain sensitive personal data.
- The guidance also comes with advice for organisations when sending bulk emails.
- Mihaela Jembei, ICO Director of Regulatory Cyber, said: “Failure to use BCC correctly in emails is one of the top data breaches reported to us every year – and these breaches can cause real harm, especially where sensitive personal information is involved”.
- Find the guidance here: https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/security/email-and-security/.
- The lawsuit claims that Amazon’s “Just Walk Out” cashless checkout – which facilitates cashless check out at Amazon Go and two New York City Starbucks that share space with Amazon Go stores, is in violation of New York City Law.
- The plaintiffs claim that the biometric data collected by the technology does not adhere to the city ordinance requiring a clear and conspicuous notice of such to be visible for all.
- Amazon on the other hand argues its customers consent to the use of the technology.
- Car insurer GEICO has been accused of disclosing data found on driver’s licenses to identity thieves.
- The lawsuit centres around the claim that the company auto-populated the numbers from driver’s licenses into its database when its users provided their basic information so as to obtain insurance quotes.
- After a data breach, this data then went on to be used for fraudulent unemployment benefit applications under the victim’s names.
- The Irish DPC is warning parents about potential unintended oversharing of children’s personal data.
- This is due to the start of ‘back-to-school’ photos that many parents tend to post online this time of year.
- The Commission recommends parents be careful when sharing details about their children’s schools, and their location, when uploading these sorts of posts.
- Employees at Canadian National have alleged that the company used work-issued tablets to track train operators off the clock.
- The geolocation that was allegedly collected by the company was processed without the consent of the employees.
- The tracking was only discovered by accident, through a disclosure process where the company was obligated to disclose why they were disciplining a worker.
- Worldcoin, the crypto currency exchange, has been ordered to temporarily halt its processing of biometric data in Kenya.
- This is to have effect until an investigation by the Office of the Data Protection Commissioner of the country is resolved.
- The High Court also ordered Worldcoin to destroy all data in its possession under the supervision of the Office of the Data Protection Commissioner and has revoked their license as a data controller.
- Telecom companies are obliged to install the hardware in subsea cable landing stations and data centres, and the software searches, copies and provides personal data to Indian security agencies.
- According to the government, all requests for monitoring have to be approved by the Home Secretary of India.
- Critics claim this approval process is simply a procedural safeguard, and does little to prevent targeted snooping, bypassing privacy protections.