iapp.org – New Zealand Privacy Commissioner Michael Webster discussed the costs of privacy breaches, data minimization, biometrics regulation and more. Tweeted by @PrivacyPros https://twitter.com/PrivacyPros/status/1635702890126770184
Online therapy app sued in class-action lawsuit for allegedly selling user data
iapp.org – Online mental health therapy app BetterHelp was sued in a federal class-action lawsuit for allegedly sharing user data with third parties. Tweeted by @PrivacyPros https://twitter.com/PrivacyPros/status/1635657888348635142
Massachusetts Man Sentenced in Business Email Compromise Scheme
insurancejournal.com – A Framingham, Massachusetts man was sentenced this week for his role in a business email compromise (BEC) scheme. Gustaf Njei was sentenced by U.S.
China is ‘Big Threat’ to Energy Industry, Cybersecurity Official Says
insurancejournal.com – The US energy industry must shore up protection against cyberattacks from China, a more pressing concern than attacks from Russia amid its war on Ukraine,
New Hampshire, Oklahoma advance privacy bills
iapp.org – New Hampshire’s Senate Judiciary Committee recommended Senate Bill 255 should pass with amendments, while the Oklahoma House advanced House Bill 1030. Tweeted by @PrivacyPros https://twitter.com/PrivacyPros/status/1635460874260414473
US Chamber of Commerce publishes AI Commission Report
iapp.org – The U.S. Chamber of Commerce released its Artificial Intelligence Commission Report. Tweeted by @PrivacyPros https://twitter.com/PrivacyPros/status/1635430764345978882
SEC fines data management platform $3M over incident notification
iapp.org – The SEC fined data management platform Blackbaud USD3 million for misleading disclosures to individuals affected by a 2020 ransomware attack. Tweeted by @PrivacyPros https://twitter.com/PrivacyPros/status/1635370459788111891
Markets/Coverages: Coalition Enters UK Excess Cyber Insurance Market
insurancejournal.com – Coalition, the San Francisco-based cyber managing general agent and cyber-security firm, announced it will enter the excess cyber insurance market in the
NZ privacy commissioner warns of erosion of privacy in gang surveillance legislation
iapp.org – New Zealand’s Privacy Commissioner Michael Webster spoke out against the proposed expansion of the Search and Surveillance Act. Tweeted by @PrivacyPros https://twitter.com/PrivacyPros/status/1634977792549953538
WhatsApp chief casts doubt on offering service in UK without E2E encryption
iapp.org – WhatsApp Head Will Cathcart said its parent company, Meta, would not adhere to the proposed U.K. Online Safety Bill and break its end-to-end encryption. Tweeted by @PrivacyPros https://twitter.com/PrivacyPros/status/1635219563792183297
CISA warns of actively exploited Plex bug after LastPass breach
bleepingcomputer.com – CISA has added an almost three-year-old high-severity remote code execution (RCE) vulnerability in the Plex Media Server to its catalog of security flaws exploited in attacks. Tweeted by @MalwarePatrol https://twitter.com/MalwarePatrol/status/1634965227291787267
AT&T confirms 9m wireless accounts exposed by third part
theregister.com – Tells folks not to worry, it was very old and boring data Tweeted by @hhtsecurity https://twitter.com/hhtsecurity/status/1635210840084467714
Denmark’s welfare auditing system under scrutiny by privacy advocates
iapp.org – Denmark has built one of the most comprehensive machine learning-powered welfare auditing systems in the world. Tweeted by @PrivacyPros https://twitter.com/PrivacyPros/status/1634887225757278209
Notes from the IAPP Canada Managing Director, March 10, 2023
iapp.org – Kris Klein offers a look at the latest privacy developments in Canada, including an update on the partisan debate on Bill C-27 and guidance on fax machines. Tweeted by @PrivacyPros https://twitter.com/PrivacyPros/status/1634630509664825344
AI for an AI: Why ChatGPT Is a Double-Edged Sword for Cybersecurity
cpomagazine.com – ChatGPT has answers for almost everything, but there’s one answer we may not know for a while: will this tool turn out to be the genie its creators regret taking out of the bottle over unintended con… Tweeted
Health Insurance Marketplace Used by Congress Suffers a Data Breach Exposing Sensitive Information
peresdaily.com – The DC Health Link, a health insurance marketplace used by members of Congress, recently suffered a data breach that could potentially expose sensitive Tweeted by @peresdaily https://twitter.com/peresdaily/status/1634814556856897539
Cerebral admits to sharing patient data with Meta, TikTok, and Google
theverge.com – The mental health startup, Cerebral, has admitted to sharing sensitive patient information with Facebook, TikTok, and Google. According to Cerebral, affected information includes patient names, birth… Tweeted by @ethhack https://twitter.com/ethhack/status/1634875237958406145
MEP urges Council of the European Union to resume ePrivacy Regulation work
iapp.org – European Parliament’s ePrivacy Regulation rapporteur Birgit Sippel called on the Council of the European Union to give attention to the long-stalled proposal… Tweeted by @PrivacyPros https://twitter.com/PrivacyPros/status/1634539930817896448
The IAPP’s top 5 most-read articles for the week of March 6, 2023
iapp.org – We know there’s a lot of privacy news to sift through each week. To make it easier we compiled the top 5 most-read articles for the week of March 6, 2023. Tweeted by @PrivacyPros https://twitter.com/PrivacyPros/status/1634388765195083783
Does the CCPA as modified by the CPRA apply to your business?
iapp.org – This article looks at the modification of the CCPA threshold test of “what is a business.” Tweeted by @PrivacyPros https://twitter.com/PrivacyPros/status/1634358629758369792