Top News – CPPA sponsors new universal opt-out bill; Meta faces heat in E.U. for 'consent or pay' and more
Universal opt-out bill introduced in California
Bill AB 3048 was introduced by assembly member Josh Lowenthal and sponsored by the California Privacy Protection Agency. This bill mandates browsers and devices to provide users with the ability to exercise their privacy preferences through opt-out signals. The need for this bill was highlighted by the CPPA executive's words, "Most Californians are unable to avail themselves of these important rights because the tools they use to navigate online do not communicate their privacy preferences." Read more
Pharmacies across the U.S. disrupted due to cyberattack
Change Healthy, a U.S. health tech company that operates healthcare payments, faced a cyber attack in February that affected multiple systems across medical records, pharmacies, payment services, and more. The company reportedly took immediate action to disconnect their systems to prevent further damage once they became aware of the attack. They are currently working with security experts and law enforcement and have notified customers and clients. Read more
Cybersecurity Framework updated by NIST
The U.S. National Institute of Standards and Technology published its updated version of the Cybersecurity Framework in late February, the first major update since January 2014, when the framework was created. The updated framework intends to assist all organizations, not only its initial target audience, those in critical infrastructure, with managing and reducing cybersecurity risk. Further, the updates have an additional emphasis on governance and supply chains. Read more
Meta's 'consent or pay' faces heat across the E.U.
Eight consumer rights groups across the E.U. have filed complaints with national data protection authorities against Meta's 'consent or pay' option. Meta currently charges users in the E.U. for an ad-free subscription to access Facebook/Instagram. Users who do not wish to pay for the ad-free subscription have to agree to be tracked and profiled. A legal analysis conducted by the European consumer organization BEUC found Meta's processing of data to be in violation of the GDPR. Read more
BNSF Railway to pay $75 million to resolve BIPA lawsuit
BSNF Railway, owned by Warren Buffett, was found to be in violation of the Illinois Biometric Information Privacy Act after it was allegedly found that the Railway collected the fingerprint scans of thousands of drivers at the automated gate systems in four company facilities. The freight train company agreed to pay $75 million to resolve the class action. Read more
