#DataPrivacy

Worker surveillance must comply with credit reporting rules

by

October 26, 2024 at 01:59AM The US Consumer Financial Protection Bureau has issued guidance emphasizing that third-party workforce reports must comply with the Fair Credit Reporting Act’s consent and transparency requirements. Concerns include unchecked surveillance and algorithmic decision-making in employment, necessitating employee consent and accuracy corrections for data used in adverse employment decisions. **Meeting Takeaways:** … Read more

LinkedIn Hit With $335M Fine for Data Privacy Violations

by

October 25, 2024 at 05:31PM On October 24, LinkedIn was fined €310 million by EU regulators for violating GDPR data privacy rules. The Data Protection Commission found LinkedIn unlawfully processed user data for targeted advertising. Despite asserting compliance, LinkedIn will work to align its practices with regulations following this reprimand and order for compliance. ### … Read more

My Journey From the Air Force to Cybersecurity

by

October 25, 2024 at 10:08AM The author reflects on their career transition from the military to cybersecurity after 20 years in the Air Force. They emphasize the importance of community and networking, highlighting the significance of the CISSP certification for career advancement. The article encourages veterans to explore cybersecurity for meaningful opportunities. ### Key Takeaways … Read more

LinkedIn Hit With 310 Million Euro Fine for Data Privacy Violations From Irish Watchdog

by

October 25, 2024 at 09:47AM LinkedIn has been fined 310 million euros by Ireland’s Data Protection Commission for violations related to data privacy. This enforcement action highlights ongoing concerns about compliance with data protection regulations. **Meeting Notes Takeaways:** – LinkedIn has been fined 310 million euros. – The fine was imposed by Ireland’s Data Protection … Read more

Apple creates Private Cloud Compute VM to let researchers find bugs

by

October 24, 2024 at 06:52PM Apple has launched a Virtual Research Environment (VRE) for public testing of its Private Cloud Compute (PCC) system, enhancing security through a $1 million bounty program for vulnerability findings. The source code for key components is available, allowing researchers to analyze and verify PCC’s privacy and security features. ### Meeting … Read more

Ireland fines LinkedIn €310 million over targeted advertising

by

October 24, 2024 at 02:21PM LinkedIn was fined €310 million by the Irish Data Protection Commission for GDPR violations related to data processing for targeted advertising. The inquiry revealed failures in obtaining valid consent, transparency, and legitimate interests. LinkedIn must comply with EU regulations and amend its advertising systems following the ruling. ### Meeting Takeaways: … Read more

Illinois Joins CoSN’s Trusted Learning Environment (TLE) State Partnership Program for Student Data Privacy

by

October 17, 2024 at 04:57PM The Illinois Learning Technology Center has partnered with the Consortium for School Networking to enhance student data privacy practices in K-12 districts. Joining the CoSN Trusted Learning Environment State Partnership Program, Illinois will provide free TLE Seal applications and benchmarking reports to improve privacy measures for over 1.85 million students. … Read more

Is a CPO Still a CPO? The Evolving Role of Privacy Leadership

by

October 17, 2024 at 10:06AM The role of the Chief Privacy Officer (CPO) is evolving amidst increasing data breaches and regulatory demands. CPOs now juggle diverse responsibilities, integrating privacy with security and AI governance. Effective data management requires collaboration across teams, emphasizing the need for a robust privacy framework that enhances overall organizational resilience. ### … Read more

WeChat devs introduced security flaws when they modded TLS, say researchers

by

October 17, 2024 at 04:41AM Researchers from the University of Toronto’s Citizen Lab found that WeChat’s modified cryptographic protocol, MMTLS, introduces security weaknesses. Key issues include the business-layer encryption not securing metadata and the potential for network-based attacks. The app lacks end-to-end encryption, allowing Tencent to access user messages, raising privacy concerns. ### Meeting Summary … Read more

FIDO Alliance Drafts New Protocol to Simplify Passkey Transfers Across Different Platforms

by

October 16, 2024 at 10:24AM The FIDO Alliance is enhancing passkey usability by creating guidelines for secure credential exchange across platforms, addressing transferability issues. Their draft specifications aim to improve interoperability among providers like Apple and Google, promoting faster, more secure sign-ins and supporting the adoption of passwordless methods, evidenced by Amazon’s implementation. **Meeting Takeaways … Read more