May 25, 20232 min
Updated: Sep 13, 2023
Tennessee to enact state privacy law
On May 11th, Tennessee Governor signed the Tennessee Information Privacy Act (TIPA) into law, which is said to go into effect on July 1st 2024. Tennessee state to enact will be the 8th privacy law. Indiana and Iowa having enacted such laws only recently. Standing apart from other laws, TIPA will require companies to comply with NIST’s privacy framework. Their cure period being 60 days. Read more
COPPA violated by children's Ed Tech company says FTC
Educational technology provider Edmodo Inc. has been ordered by the Federal Trade Commission to cease collecting more data from students than necessary. It was found that Edmodo would mandate students to provide information beyond what was necessary for them to participate in the educational activities. FTC stated that Edmodo violated COPPA’ rule as they failed to provide the users with information about their data collection practices and did not obtain verifiable parental consent. Read more
Biden administration to prioritise children’s online privacy
The Biden-Harris Administration has announced plans to safeguard children's online privacy along with their plans to protect their mental health and safety. Concerned about children's exposure to excessive data collection, the ‘harmful content’ of paid advertising, the ‘manipulative design techniques’ embedded in products, and the increasing worry about AI, the Biden administration has stated that it is a top priority to pass legislation that would protect children's mental health and online safety. Read more
Patient and provider data exposed
The parent company of Harvard Pilgrim Health Care, Point32Health, suffered a massive cyber attack in which patient and provider personal information was stolen. Among the stolen data were names, addresses, medical information, and history. Frustrated patients and providers made it known that there was a lack of transparency on the part of the company. Read more
Third-party about to conduct bank transfers from user’s bank account
Spanish data protection authority AEPD fined Digi Spain Telecom €70,000 for providing an unauthorized third party with a duplicate SIM card without the consent of the customer, allowing the third party to conduct bank transfers from the customer's bank account. Read more