Weekly Privacy News Update – Episode 05

privacy-news-weekly-update-november-1-2021-thumbnail

Updated Cookie Guidelines served by Luxembourg’s DPA

Luxembourg’s National Commission for Data Protection (CNPD) has updated and published its guidelines on cookies and other trackers that will assist websites and apps in adhering to the law. Included in the updated guidelines on the CNPD’s comment on essential and non-essential cookies. The guideline also states the notion of dark patterns in relation to obtaining user consent and examples of good practices.

Sources: IAPP, CNPD

Senators Pushing the Protective Sensitive Personal Data Act

The Protective Sensitive Personal Data Act aims to expand the oversight authority of the U.S. Department of Treasury’s Committee on Foreign Investment on sensitive personal data. The legislation wants to secure data that includes: genetic test results, health conditions, insurance applications, financial hardship data, security clearance information, geolocation data, private emails, data for generating government identification, and credit report information. U.S. Senators  Rubio (R-Fla.), and Raphael Warnock (D-Ga), introduced this legislation.

Sources: IAPP, Senator Marco Rubio

DATA Privacy Act gets revival from U.S. Senator

The Digital Accountability and Transparency to Advance Privacy Act got its reintroduction from U.S. Sen. Catherine Cortez Masto (D-Nev). Proposed last 2019, the comprehensive bill includes:

  • Data rights.
  • A data protection officer requirement.
  • A required opt-out process with an opt-in consent plan for sensitive data collection.

The bill will not preempt state privacy laws and has no private right of action.

Sources: IAPP, Senator Catherine Cortez Masto

Lack of User Consent leads to Technical Breach

Huq, a British location data firm, disclosed two “technical breaches” caused by third-party applications due to the lack of user consent ahead of collecting location data.“Huq data is used anonymously. Nevertheless, consent is a vital pillar of data collection and must be taken seriously. We strive to ensure consent is explicitly sought by all our app partners. If there is a breach, we always act swiftly,”  according to Chief Executive Conrad Poulson. Kaibits Software, one of the developers of the third-party apps, acknowledged the “problems with permissions” and says it has been settled. A second app developer has not responded yet.

Sources: IAPP, BBC

Facebook Ordered to Give Compensation in South Korea

South Korea’s Data Protection Authority (DPA) has sanctioned Facebook’s parent company Meta Platforms to pay compensation to users for breach of consent.  Facebook needs to compensate 181 users that requested for damages, paying them $256.70 each. In November 2020, South Korea’s DPA issued a fine of 6.7 billion won to Facebook for sharing personal data of 3.3 million users in the country to third parties with no consent. With over 10,000 third-party apps accessing the data.

Sources: IAPP, Sambad English

$17.6 Million Settlement for Insurance Breaches in Illinois

The $17.6 million proposed settlement from Kemper Insurance has been approved by the Illinois federal court. Kemper Insurance had two data breaches in December 2020 and March 2021 that possibly jeopardized 6.1 million personal data. Included are names, addresses, Social Security numbers, driver’s license numbers, and other personal information in the breach.

Sources: IAPP, Insurance Journal

Masha Komnenic CIPP/E, CIPM, CIPT, FIP
More about the author

Written by Masha Komnenic CIPP/E, CIPM, CIPT, FIP

Masha is an Information Security and Data Privacy Specialist and a Certified Data Protection Officer. She has been a Data Protection Officer for the past six years, helping small and medium-sized enterprises achieve legal compliance. She has also been a privacy compliance mentor to many international business accelerators. She specializes in implementing, monitoring, and auditing business compliance with privacy regulations (HIPAA, PIPEDA, ePrivacy Directive, GDPR, CCPA, POPIA, LGPD). Masha studied Law at Belgrade University, and she passed the Bar examination in 2016. More about the author

Related Articles

Explore more resources