Top News: Spanish DPA fines Google, Tesla’s BLE vulnerability, and more
Google fined by Spanish DPA
The Spanish DPA (AEPD) issued a fine of €10 m on Google for two violations of the General Data Protection Regulation. It was found that Google shared user data with a third party without legitimacy to do so and also without providing an opt-out mechanism. Read More
OPC issues interpretation of sensitive data under PIPEDA
The Office of the Privacy Commissioner of Canada (OPC) issued guidance for the interpretation of sensitive information under the Personal Information Protection and Electronic Documents Act (PIPEDA). It stated that “health and financial data, ethnic and racial origins, political opinions, genetic and biometric data, sexual orientation, and religious/philosophical beliefs are among the types of information that will generally be considered sensitive and require a higher degree of protection”. Read More
Texas AG amends Google lawsuit
Texas Attorney General Ken Paxton has filed an amended privacy petition to his previous geolocation-related lawsuit against the Alphabet Inc unit. The amended petition claims that “Google deceptively collects an array of personal data even when a user has engaged Incognito mode." Read More
NCC Group unveils Tesla’s BLE vulnerability
NCC Group unveiled a Bluetooth Low Energy (BLE) vulnerability that poses a risk to cars, mobile devices and locking systems using Bluetooth proximity authentication mechanisms. The researchers performed a successful exploit on Tesla Models 3 and Y by unlocking and driving the vehicle using a small relay device attached to a laptop which bridged a large gap between the Tesla and the Tesla owner's phone. Read More
Texas Dept. of Insurance confirms data breach
The Texas Department of Insurance (TDI) has revealed that the personal information of nearly 2 million Texans was exposed for almost three years due to a programming issue. Details of workers who have filed compensation claims were publicly available online from March 2019 to January 2022, which included their Social Security numbers, addresses, dates of birth, phone numbers and information about workers’ injuries. Read More
Comments