United Kingdom
Irish data privacy watchdog fines Meta €251 million for GDPR failure
- Ireland’s Data Protection Commission (DPC) has fined Meta €251 million for a security breach on Facebook beginning in July 2017, which affected close to 3m accounts.
- The breach allowed unauthorized people to exploit a vulnerability on a Facebook code, allowing them to view profiles of users who they would not have been able to see otherwise.
- The DPC found that Meta failed to notify and fully document the breach to regulatory authorities, infringing the General Data Protection Regulation (GDPR). The bulk of the fine was for the nature of the breach, and the failure of the design of the system to include the required data protection requirements.
Landmark new rules to bring transparency to family courts
- Journalists will be able to request a transparency order in all family courts to allow them to report what they see and hear, access key documents and speak to families – provided they keep them anonymous.
- This is a significant change, as previously journalists and legal bloggers could attend family courts but were limited in what they could report.
- Judges will retain the power to turn down requests, but there is a presumption in favour of reporting.
- The changes will come into force on the 27th of January 2025.
United States
US moves to boost crackdown on China Telecom’s unit over data privacy
- A source confirmed that the US Commerce Department sent China Telecom Americas a preliminary determination that its presence in US networks and cloud services poses US national security risks and gave the company 30 days to respond.
- The Federal Communications Commission previously revoked China Telecom Americas’ authorization to operate in the US in 2021, citing national security concerns.
- There is growing alarm in Washington about China’s alleged efforts, known as Salt Typhoon, to infiltrate American telecommunications companies and steal data about US calls.
Europe
Apple complains Meta requests risk privacy in spat over EU efforts to widen access to iPhone tech
- Apple complained that requests from Meta Platforms for access to its operating software threaten user privacy. These requests come after intensifying effort from the European Union (EU) to make Apple open up to products from tech rivals.
- The EU’s executive Commission is drawing up “interoperability” guidelines for Apple under its new digital competition rulebook to ensure devices like smartwatches or features like wireless file transfers work as smoothly with iPhones as Apple products.
- Apple has stated that it is “concerned that some companies — with data practices that do not meet the high standards of data protection law held by the EU and supported by Apple — may attempt to abuse the DMA’s interoperability provisions to access sensitive user data.”
- Meta has been specifically singled out by Apple as a concern, as they noted that if those requests were granted, “Facebook, Instagram, and WhatsApp could enable Meta to read on a user’s device all of their messages and emails, see every phone call they make or receive, track every app that they use, scan all of their photos, look at their files and calendar events, log all of their passwords.”
Netflix fined by Dutch privacy watchdog over personal data violations
- Netflix has been fined €4.75 million by the Dutch privacy watchdog for customer data violations.
- The investigation by the watchdog showed Netflix failed to inform customers clearly enough in the privacy statement about what was done with their data between 2018 and 2020. Additionally, customers did not get enough information when they asked Netflix what data was collected about them.
- Netflix has said they have since updated its privacy statement and improved its information provision.
EU police data plans raise serious privacy and security concerns
- Over 50 organizations have signed an open letter to the EU Justice and Home Affairs Council, warning over the changing police access to data that could undermine human rights and digital security for citizens of Europe.
- At issue in the letter is the movement to grant law enforcement greater access to personal data, which the signatories say could result in privacy abuses and mass surveillance.
- ‘Lawful access by design’ was called out, the concept that that law enforcement access would be baked into the development of digital technologies. In effect, it would require that a back door be created in otherwise secure applications so that police could gain access to the data within. Critics noted encryption and the security of digital communications could be undermined as a result.
- Signatories also warn such extensive surveillance powers can be abused in ways to target journalists, activists, and political dissidents.
International
Meta Settles With Australia’s Privacy Watchdog Over Cambridge Analytica Lawsuit
- The Office of the Australian Information Commissioner alleged personal information of some users was being disclosed to Facebook’s personality quiz app.
- The personal data of 311,127 Australian Facebook users was “exposed to the risk of being disclosed” to consulting firm Cambridge Analytica and used for profiling purposes, according to the 2020 statement.
- After court ordered mediation between Meta and the privacy commissioner, a settlement has been reached between them of Meta paying A$50 million on a no admission basis.
- The Australian Information Commissioner said, “Today’s settlement represents the largest ever payment dedicated to addressing concerns about the privacy of individuals in Australia”
