Top News – Iowa to enact state privacy law, TikTok and Meta sued over minors’ safety, and more
Geolocation of scooters tracked, CNIL imposes fine
French data protection authority, CNIL imposed a €125,000 fine on Cityscoot, a bike rental company for collecting the geolocation of its rented scooters every 30 seconds. This data was collected without the informed consent of renters. CNIL found that Cityscoot violated Article 5.1.c and Article 28.3 of the GDPR as well as Article 82 of the French Data Protection Act. Read more
TikTok and Meta sued over children safety concerns
The State of Arkansas sued TikTok and Meta over the safety concerns of minors using their platforms. It was alleged that appropriate steps weren’t taken to protect children from inappropriate content like sexual and drug and alcohol related material. Claims were made that these platforms caused and increased mental health problems for youngsters. Read more
AEPD imposes €70,000 fine for unlawful processing of PI
Spanish data protection, AEPD found that telephone line manager, Orange Espagne shared a duplicate SIM card of a customer with a third party which result in the third-party gaining access to the customer’s bank details, passwords and email addresses. AEPD found that Orange Espagne violated Article 6(1) of the GDPR for unlawful processing of personal data and failing to protect personal information of customer. Read more
Financial and health data compromised in data breach
Property and development and construction company based in Australia, Meriton reported a significant data breach that potentially affected the personal information of staff and customers. Among the compromised data is said to be the financial, health and employment information of staff. 35.6 gigabytes of data are said to have been compromised. Read more
Sixth state privacy law to be enacted
Joining California, Utah, Virginia, Connecticut and Colorado, Iowa has passed its comprehensive privacy law that will go into effect on 1st Jan 2025. The state law is to adopt a familiar definition of personal data. Consumers will have the right to access, the right to delete, the right to portability and the right to opt-out of sale of PI under state law. Notably, consumers do not have the right to correct their personal data, to not be subject to fully automated decisions and the right to opt-out of certain processing like targeted advertising. Read more
コメント