Discord fined by CNIL

A fine of €800,000 has been imposed on Discord by the Commission nationale de l'informatique et des libertés (CNIL) for failing to comply with several obligations under the GDPR. The company was found to be in violation of the GDPR requirements on data retention periods and personal data security. Read More

Suit against university dismissed under BIPA

The Powell v. DePaul University federal court case was recently dismissed based on the “financial institution” exemption under the Illinois Biometric Information Privacy Act’s (BIPA). The suit was filed by an online student alleging that the school violated BIPA by "using an online remote proctoring tool to capture, store, and disseminate his and other students’ facial geometry data” without consent. Read More

Apple sued by NY resident over data collection

Apple is facing a class-action lawsuit by a New York resident alleging the company collects “information about iPhone users' interactions with its apps, even when the users attempt to opt out of the data collection.” The suit claims that Apple is violating California privacy laws, including one that prohibits companies from electronically eavesdropping on confidential communications. Read More

Continental, Thales targeted by hackers

Automotive parts manufacturing company Continental is investigating a cyberattack after reports of data theft. As per reports, a group of hackers tapped into Continental's data and stole about 40 terabytes of data in August. Read More

In a similar incident, the Thales group was targeted by the cybercrime gang Lockbit, who published an archive containing 9.5 gigabytes of data relating to the company. Thales confirmed that the data had been posted on the hackers' site but said that there had been "no intrusion" into the company's IT system. Read More

FBI warns about TikTok

The FBI Director reminded lawmakers about the concerns around TikTok and its threat to national security. He said that the problems include “the possibility that the Chinese government could use it to control data collection on millions of users, or control the recommendation algorithm which could be used for influence operations if they so choose, or to control software on millions of devices.” Read More