Meta faces complaints for circumventing Apple’s privacy preferences
Meta now faces class-action lawsuits from three Facebook and iOS users for supposedly bypassing Apple’s iOS privacy settings. The complaints were based on the research of Felix Krause, a former Google engineer, who accused Meta of wanting to gain back lost advertising revenue. They inserted a tracking code on external websites visited by users while they use the in-app browser for Facebook or Instagram. When Apple updated its privacy rules in 2021 to allow users to opt-out of all tracking by third-party apps quickly, the tech giant allegedly lost $10 billion in revenue. The complainants cited Meta for downplaying the privacy risk, neglecting the privacy preference of iOS users, and tracking their activity on third-party websites.
Source: Ars Technica, IAPP
Use of Google Analytics on a standstill after decision of Danish DPA
Danish data protection authority, Datatilsynet, decided to stop using Google Analytics for data transfers to the US without supplementary measures. Denmark is the latest European country to enact the halt, following Austria, France, and Italy. Dataltilsynet has notified Danish businesses to check if their possible continued use of Google Analytics is within the EU General Data Protection Regulation framework.
Source: Datatilsynet, Digital Journal, IAPP
Business requirements under Quebec’s Bill 64 take effect
Specific business requirements under Bill 64 have taken effect as published by the Le Commission d’accès à l’information du Quebec, Quebec’s data protection authority (DPA). Bill 64 amended the Privacy Act, which sought to give citizens more control over their personal data and held companies accountable for managing data. The new corporate obligations for Bill 64 include privacy officer appointments, compulsory breach notification, and user consent exception. Further requirements will take effect in 2023 and 2024
Source: Le Commission d’accès à l’information du Quebec, IAPP
Indonesia’s data protection law passed by lawmakers
Last Sept. 20, lawmakers in Indonesia passed the much-anticipated data protection bill into law. The new law is timely after the country faced a series of data leaks and for the investigation of alleged data breaches from Indonesia’s government firms and institutions. The data protection law will enable the president to create an oversight body that will issue fines to data handlers for privacy violations. The largest fine that could be issued consists of 2% of a corporation’s annual revenue and the possibility of its assets being confiscated or auctioned off. An adjustment period of two years is part of the law, but it does not stipulate how violations will be addressed in that stage.
