Google’s data collection practice reprimanded by EU and US consumer groups
Google’s data collection practices are now subject to formal complaints that EU consumer groups will file. The complaints allegedly stemmed from the lack of transparency given to users on how their data is used for targeted advertising. Also, part of the complaints is that the opt-out option for data collection requires more steps than opting in, which only needs one click. According to the consumer groups, Google violates the Privacy-by-Design requirements in the General Data Protection Regulation (GDPR). Meanwhile, in their letter to the US Federal Trade Commission (FTC), certain tech and consumer groups in the US are preparing to file similar complaints.
Source: Tech Crunch, IAPP, Wall Street Journal
FCC Commissioner wants to pull out TikTok from Apple and Google app stores
US Federal Communications Commissioner Brendan Carr is asking tech giants Apple and Alphabet to remove TikTok from their iPhone and Android app stores. He describes TikTok as a sophisticated surveillance tool that harvests extensive amounts of personal and sensitive data. According to Carr, the apps collect data such as browsing history, location data, biometric identifiers, and contented store on a device. Leaked recordings of internal meetings in TikTok supposedly revealed that the Chinese firm had accessed nonpublic data of users in the US. TikTok’s pattern of surreptitious data practices has led him to call for its removal in the app stores.
California Age-Appropriate Design Code Act advances
The California State Assembly’s Senate Judiciary Committee has passed the proposed California Age-Appropriate Design Code Act. The bill will make its way to the Committee on Appropriations. It contains provisions for children’s data protection and limits to online exposure for minors under the age of 18 that would be enforceable by the California Privacy Protection Agency. August 31 is the last day for bills to be passed in either legislative chamber; the governor must sign or veto them by September 30.
Source: IAPP, California Legislative Information
China publishes new guidance for cross-border data processing
The National Information Security Standardization Technical Committee of China has published its guidance on performing cross-border data processing in a standardized manner and compliant with the Personal Information Protection Law (PIPL). The “Practice Guidelines for Cybersecurity Standards — Cross-border Processing of Personal Information” includes vital security principles and requirements for cross-border transfers and the “protection of the rights and interests of personal information subjects.”
Source: IAPP, National Information Security Standardization Technical Committee
