Category Archives: Data protection

Californians will be able to delete all personal online data with first-in-US law

Posted on by

Delete Act signed by governor Gavin Newsom strengthens existing regulations so users will be able to scrub info from a single page

In a victory for privacy advocates and consumers, the California governor Gavin Newsom signed a bill that would enable residents to request that their personal information be deleted from the coffers of all the data brokers in the state.

The bill, SB 362, otherwise known as the Delete Act, was introduced in April 2023 by the state senator Josh Becker in an attempt to give Californians more control over their privacy. Californians already have a right to request their data be deleted under current state privacy laws, but it requires filing a request with each individual company.

Continue reading...

China’s manipulation of media threatens global freedoms, says US report

Posted on by

Censorship, data harvesting and purchases of foreign news outlets could lead to ‘sharp contraction’ of freedom of expression

China is manipulating global media through censorship, data harvesting and covert purchases of foreign news outlets, according to a new report from the US state department, which warned the trend could lead to a “sharp contraction” of global freedom of expression.

The report released on Thursday found that Beijing had spent billions of dollars annually on information manipulation efforts, including by acquiring stakes in foreign media through “public and non-public means”, sponsoring online influencers and securing distribution agreements that promote unlabelled Chinese government content.

Continue reading...

Federal government could pay millions in compensation over asylum seeker data breach

Posted on by

Breach, discovered by Guardian Australia, resulted in information being used to allegedly threaten some in detention

The Australian government may be liable for tens of millions of dollars in compensation to asylum seekers after it posted their personal details online while they were in immigration detention.

The mass data breach, discovered by Guardian Australia in 2014, resulted in information being used, in some cases, to allegedly threaten asylum seekers, or persecute and even jail their family members.

Sign up for Guardian Australia’s free morning and afternoon email newsletters for your daily news roundup

Continue reading...

TikTok fined €345m for breaking EU data law on children’s accounts

Posted on by

Irish data regulator says platform put 13- to 17-year-old users’ accounts on default public setting, among other breaches

TikTok has been fined €345m (£296m) for breaking EU data law in its handling of children’s accounts, including failing to shield underage users’ content from public view.

The Irish data watchdog, which regulates TikTok across the EU, said the Chinese-owned video app had committed multiple breaches of GDPR rules.

Continue reading...

The owner of Bunnings and Kmart is now in the prescriptions business, raising fears over patient data

Posted on by

Doctors and pharmacists concerned that Wesfarmers’ acquisition of InstantScripts could end the notion that ‘health data is sacrosanct’

The integration of a controversial online doctor service alongside Bunnings, Kmart and hundreds of pharmacies in the Wesfarmers portfolio has raised concerns among medical practitioners about potential risks to patient data security.

InstantScripts sprang to prominence during the pandemic, offering an alternative to the GP by generating prescriptions via an online form that was then remotely checked by a doctor. The business covers 300 low-risk drugs that patients can either pick up from a pharmacist or get delivered directly to their home.

Sign up for Guardian Australia’s free morning and afternoon email newsletters for your daily news roundup

Continue reading...

Twitter ‘unfit’ for banking over alleged complicity in Saudi rights abuses

Posted on by

Lawyers for family say Saudi government took brother’s data in breach and ‘arrested, tortured, and imprisoned’ him and others

The company formerly known as Twitter is “unfit” to hold banking licenses because of its alleged “intentional complicity” with human rights violations in Saudi Arabia and treatment of users’ personal data, according to an open letter sent to federal and state banking regulators that was signed by a law firm representing a Saudi victim’s family.

The allegations by lawyers representing Areej al-Sadhan, whose brother Abdulrahman was one of thousands of Saudis whose confidential personal information was obtained by Saudi agents posing as Twitter employees in 2014-15, comes as Twitter Payments LLC, a subsidiary of X (the company formerly known as Twitter), is in the process of applying for money-transmitter licenses across the US.

Continue reading...

Dymocks warns customer records may be on dark web after possible data breach

Posted on by

Bookseller’s managing director says potential hack was detected on Wednesday and investigation has been launched

Bookstore chain Dymocks has warned customers of a possible data breach that could lead to their personal information being leaked on the dark web.

In an email sent to members on Friday, the bookseller’s managing director, Mark Newman, said a potential hack was detected two days earlier.

Continue reading...

Customer data used for unwanted romantic contact, UK poll shows

Posted on by

Almost one in three people aged 18-34 have been messaged by staff after giving personal details to a business

Almost one in three people aged 18-34 have received unwanted romantic contact after giving their personal information to a business, a UK poll has shown.

The Information Commissioner’s Office (ICO) has called for recipients of such texts to come forward to help the regulator gather evidence of the impact of this phenomenon.

The ICO has an online form for people who want to report an experience of unwanted contact.

Continue reading...

Hacked UK voter data could be used to target disinformation, warn experts

Posted on by

Data from Electoral Commission breach could allow rogue actors to create AI-generated messages in effort to manipulate elections

Data accessed in the Electoral Commission hack could help state-backed actors target voters with AI-generated disinformation, experts have warned.

The UK elections watchdog revealed on Tuesday that a hostile cyber-attack had been able to access the names and addresses of all voters registered between 2014 and 2022.

Continue reading...

Australians increasingly concerned about online privacy after high-profile cybersecurity breaches

Posted on by

After massive hacks at Optus and Medibank, survey from information commissioner finds three-quarters of people feel data breaches are among biggest risk to privacy

Australians are more concerned than ever over the handling of their personal information and want tough laws to protect them after the Optus and Medibank cybersecurity breaches, a new study has found.

The latest Australian Community Attitudes to Privacy Survey, released on Tuesday by the Office of the Australian Information Commissioner (OAIC), found three-quarters of Australians feel data breaches are one of the biggest risks to privacy they face. That is an increase of 13% since the survey was last conducted in early 2020.

Sign up for Guardian Australia’s free morning and afternoon email newsletters for your daily news roundup

Continue reading...

Meta to ask EU users’ permission to show targeted advertising

Posted on by

Facebook and Instagram’s parent company will stop harvesting audience data to create profiles for advertisers after regulatory rulings

Facebook and Instagram are to ask EU users for permission to show them personalised adverts, in a concession that challenges the platforms’ core money-making strategy.

The social media networks’ parent company, Meta, announced the change after a series of regulatory rulings struck down the company’s legal justification for harvesting audience data to create user profiles that can be targeted by advertisers.

Continue reading...

UK spy agencies want to relax ‘burdensome’ laws on AI data use

Posted on by

GCHQ, MI6 and MI5 propose weakening safeguards that limit training of AI models with bulk personal datasets

The UK intelligence agencies are lobbying the government to weaken surveillance laws they argue place a “burdensome” limit on their ability to train artificial intelligence models with large amounts of personal data.

The proposals would make it easier for GCHQ, MI6 and MI5 to use certain types of data, by relaxing safeguards designed to protect people’s privacy and prevent the misuse of sensitive information.

Continue reading...

WeChat user numbers plummet nearly 30% in Australia amid concerns of Chinese interference

Posted on by

Owner gives parliamentary inquiry no reason for fall over three years but says China’s government could not conduct surveillance on app

WeChat has said its user numbers in Australia have declined almost 30% in the past three years, amid questions being raised about foreign interference on the app.

Tencent-owned WeChat told a parliamentary committee examining foreign interference on social media that as of July 2023, the communications app favoured by Australia’s Chinese diaspora community had fewer than 500,000 daily active users in Australia. The company told the committee in 2020 that its user base was 690,000.

Sign up for Guardian Australia’s free morning and afternoon email newsletters for your daily news roundup

Continue reading...

Senator says she has been ‘excluded’ from writing pamphlet – as it happened

Posted on by

This blog is now closed.

Patricia Karvelas challenges Littleproud’s Covid reasoning behind the Murray-Darling Basin delays on ABC RN this morning.

“This isn’t a new problem … Your government was in power when a 2019 Productivity Commission report warned that there had been limited progress returning the water to the environment,” she says. “Why didn’t you change course?”

This is a very technical piece of legislation … The 450 is additional to the 2,750 gigalitres of water in the plan, the Productivity Commission looked at the 450 gigalitres, there’s only been 2 gigalitres recovered on the 450 …

Because the neutrality test on social and economic impact on rural communities have not been passed to get more water back out of it – that’s a test the Labor government put in place, that we adhere to that the states agreed to.

He [is] going down a path that’s divided the country and meant that the attention has been taken away from managing people’s cost-of-living crisis, and focused on trying to win a referendum in which he has overreached in conflating a voice with constitutional recognition.

Continue reading...

Online safety bill: changes urged to allow access to social media data

Posted on by

Campaigners say bill in ‘serious peril’ of passing without powers to make platforms more transparent

Online safety experts will struggle to sound the alarm about harmful content if landmark legislation does not allow independent researchers to access data from social media platforms, campaigners have warned.

The government is being urged to adopt amendments to the online safety bill enabling researchers to access platform data in order to monitor harmful material. Access would be overseen by Ofcom, the communications watchdog, and would protect user privacy.

Continue reading...

EU countries accuse TfL debt collectors of breaching data protection laws over London penalty fines

Posted on by

Belgium and Dutch vehicle licensing agency say citizens’ details obtained unlawfully to issue driving fines

Two EU countries have accused Transport for London’s debt collection agency of breaching data protection laws to obtain the names and addresses of citizens in order to issue fines for driving in the capital.

Motorists from across Europe have been hit with penalties, some totalling thousands of pounds, for driving in London’s Ultra Low Emissions Zone (Ulez). Penalty notices are being sent to foreign motorists who enter the capital without pre-registering their vehicle, and the Guardian has revealed hundreds of drivers have been fined despite driving emissions-compliant cars.

Continue reading...

NHS data breach: trusts shared patient details with Facebook without consent

Posted on by

Observer investigation reveals Meta Pixel tool passed on private details of web browsing on medical sites

NHS trusts are sharing intimate details about patients’ medical conditions, appointments and treatments with Facebook without consent and despite promising never to do so.

An Observer investigation has uncovered a covert tracking tool in the websites of 20 NHS trusts which has for years collected browsing information and shared it with the tech giant in a major breach of privacy.

Continue reading...

Facebook owner Meta fined €1.2bn for mishandling user information

Posted on by

Penalty from Ireland’s privacy regulator is a record for breach of EU data protection regulation

Facebook’s owner, Meta, has been fined a record €1.2bn (£1bn) and ordered to suspend the transfer of user data from the EU to the US.

The fine – equivalent to $1.3bn – imposed by Ireland’s Data Protection Commission (DPC), which regulates Meta across the EU, is a record for a breach of the bloc’s General Data Protection Regulation (GDPR).

Continue reading...

Real estate agents push back against Australian privacy law changes designed to protect personal data

Posted on by

Real Estate Institute of Australia president says additional layer of responsibility could force smaller agencies to close down

Real estate agents are pushing back against proposed privacy law changes, saying small businesses should not face more red tape to keep customer and tenant data safe.

The Real Estate Institute of Australia president, Hayden Groves, said that an “additional layer of responsibility is really not necessary” on top of agents’ existing duties, saying that increased regulatory risks could be “the last straw” for smaller agencies which may shut up shop.

Sign up for Guardian Australia’s free morning and afternoon email newsletters for your daily news roundup

Continue reading...

Warnings over NHS data privacy after ‘stalker’ doctor shares woman’s records

Posted on by

Exclusive: Victim speaks of feeling violated by hospital doctor incident that expert says is evidence of ‘systemic’ flaw in England

The confidentiality of NHS medical records has been thrown into doubt after a “stalker” hospital doctor accessed and shared highly sensitive information about a woman who had started dating her ex-boyfriend, despite not being involved in her care.

The victim was left in “fear, shock and horror” when she learned that the doctor had used her hospital’s medical records system to look at the woman’s GP records and read – and share – intimate details, known only to a few people, about her and her children.

Continue reading...