United Kingdom
Supply Chain Attack Exposes Almost Half a Million Harrods Customers Records
- The data breach is significant – affecting approximately 430,000 customer records.
- It originated from a security failure at an unnamed external supplier and was communicated to affected customers via email.
- The data primarily includes names and contact details, and, in some cases, information related to marketing preferences, loyalty program status, and affiliations with Harrods’ credit cards.
- Harrods has reassured its customers that no financial information was exposed and communicated the breach to the competent authorities.
New UK Government Demand for Apple Data Sparks Concerns
- New order giving the government the right to demand access to the personal data of Apple’s British users.
- With a warrant personal data can be accessed if there is a threat to national security.
- Apple maintains that privacy is at the heart of its business and will not compromise it.
- If this new order isn’t stopped, the UK Government will likely issue similar orders to other companies too.
United States
Tractor Supply Company fined $1.4 million for privacy violations
- Large retailer violated California Consumer Privacy Act by not giving people the right to opt out of having their personal data sold and shared.
- Moreover, allegedly the company failed to publish a privacy policy, notify job applicants of their privacy rights and shared personal data with third parties without permission.
- Other than the fine, Tractor Supply Company has agreed to change its business practices.
- This is the largest fine ever to be secured by the California Privacy Protection Agency (CPPA) since its was created in 2020.
Apple Removes ICE-Tracking Apps Following Trump Administration Pressure
- The removal followed contact from the Trump administration, specifically the Justice Department, which “demanded” the app ICEBlock be taken down.
- The app used crowdsourced data to anonymously alert users to the presence of ICE agents in their area, similar to how navigation apps alert users to police speed traps.
- Apple issued a statement citing “information we’ve received from law enforcement about the safety risks associated with ICEBlock,” as the reason for the action.
- U.S. Attorney General stated that ICEBlock was “designed to put ICE agents at risk” and that violence against law enforcement was an “intolerable red line.” Alongside the AG, the Homeland Security Secretary has also reportedly issued warnings and threats of prosecution to the app’s creator, Joshua Aaron.
Europe
Dutch privacy watchdog urges LinkedIn users to block AI data use
- The Dutch privacy regulator has warned LinkedIn users to change their settings if they do not want their profile data to be used to train artificial intelligence systems
- LinkedIn plans to use all data available on the platform to train its AI systems, excluding private message
- Option to share data for “improving generative AI” is switched on by default, unless data subjects opt out before November 3.
- The company is headquartered in Dublin and falls under the control of the Irish privacy regulator: the Dutch regulator is already working with them.
Spanish media sue Meta for 550 million euros over data protection
- A Spanish court opened a trial over a lawsuit brought by more than 80 Spanish media organisations against Meta for allegedly breaching EU data protection rules.
- AMI, the main media association, says Meta created unfair competition by systematically breaking the law between May 2018 and July 2023.
- The association alleges that Meta is not complying with digital advertising rules which include companies to obtain users’ consent to create personalised advertising from their data.
- Spanish radio and television stations have launched a separate lawsuit against Meta for the same reasons, seeking 160 million euros in damages.
International
Arattai: “Made in India” Messaging App Tops Charts Amid Government Push
- The messaging app Arattai has been experiencing a massive, unexpected surge in popularity that briefly saw it surpass WhatsApp on Indian app stores. The app saw daily new sign-ups skyrocket from around 3,000 to 350,000 in just three days.
- This dramatic growth is largely driven by public endorsements from Indian government ministers, who promoted Arattai as a secure, “Made in India” alternative aligned with the nation’s push for digital self-reliance.
- Arattai offers a feature set similar to WhatsApp, but the app is promised to be “spyware-free,” does not monetize user data, and stores data within India.
- Despite its rapid success and commitment to privacy, the app has one notable technical limitation: text messages do not yet feature end-to-end encryption.
