Marriott might soon face a stiff penalty for the massive November 2018 data breach. The UK’s Information Commissioner’s Office plans to fine the hotel chain £99,200,396 (about $123.7 million) for allegedly violating the EU’s General Data Protection Regulation through the incident. Marriott didn’t conduct “sufficient due diligence” when it bought Starwood, according to the regulator, and “should also have done more” to improve security.
Google has been fined $56.8 million by privacy regulators in France, marking the country’s first use of the tough new privacy rules enacted in Europe last year. Specifically, the company is accused of violating provisions of the General Data Protection Regulation (GDPR) by using, without proper consent, the private data of users to craft personalized ads; and by burying key privacy disclosures pages deep, amid oceans of text. Continue reading Google Fined $57 Million for Burying Privacy Terms Where Users Won’t Find Them
More tech companies are about to face congressional scrutiny. Leaders from Amazon, Apple, AT&T, Charter and Google are scheduled to testify before a US Senate panel at a data privacy hearing on September 26th. Senators will grill the companies on their existing approaches to privacy, how Congress can press for “clear privacy expectations” and how firms will adapt to stricter requirements like the European Union’s GDPR and the California Consumer Privacy Act.
Apple has already bent over backwards in a bid to keep doing business in China, but it’ll have to bend a little further. As of the end of February, the company will host mainland Chinese users’ iCloud keys on servers located within the country — and they’ll be jointly run by a state-backed company, Guizhou Cloud Big Data Industry. The company has no choice if it wants to keep offering iCloud to Chinese users, as the law now requires that any cloud services have domestic ownership and store their data within China’s borders.
Open up a web browser or power up a smartphone—pretty much essential for modern-day living—and you’re walking straight into a privacy minefield. That much you know. Especially after the news earlier this week that Unroll.me, a popular service that lets you unsubscribe from multiple email lists with a single click, was selling data it had mined from all your mail. What you might not realize is that your surrendering of your privacy isn’t just an accident—it’s the purposeful design of a particular breed of app makers and web designers employing a practice known as “dark patterns.”
Fingerprint readers, like the TouchID on an iPhone, exist to make your device extra secure while keeping the process of unlocking it easy. Computer scientists at New York University and Michigan State are poised to turn that security benefit on its head. Like a master key that can open any lock, these researchers developed digital “master prints” that could emulate a variety of partial fingerprints enough to hypothetically hack into a device.