In this week’s Data Privacy News….
The UK’s Information Commissioner’s Office (ICO) and the Australian Information Commissioner have announced a joint investigation into facial recognition firm, Clearview AI. The data watchdogs will be focusing “on the company’s use of ‘scraped’ data and biometrics of individuals” they announced in a statement.
The investigation follows a similar announcement by the Office of the Privacy Commissioner of Canada, which also has opened an investigation into Clearview AI.
The Canadian statement says:
The joint investigation was initiated in the wake of media reports which stated that Clearview AI was using its technology to collect images and make facial recognition available to law enforcement in the context of investigations
Source & full story: Independent
Popular kids social media app, TikTok, is being investigated for allegedly violating a settlement agreed with U.S. authorities in 2019, resolving charges that the app broke rules governing the way in which childrens’ personal data is treated online.
Under rules dating to 1998 legislation, COPPA requires websites to get parental permission to collect data on children under the age of 13. Websites or online services are also expected to ban third parties from collecting the data.
Source & full story: Reuters
A flaw in smartwatch software designed to assist elderly patients could easily have been hacked and abused, security researchers say. Reportedly, some of the watches are targeted at dementia patients . A hacker could even send a reminder to “take pills” as often as they wanted to.
Researchers at UK security firm, Pen Test Partners, said they were concerned that “an overdose could easily result”.
The security flaw has now been fixed after they notified the Chinese company behind it, they said.
However, the app that connects to these types of watches has more than 10 million downloads, the researchers say – and there is no way of knowing if it had been exploited by someone else before being fixed.
Source & full story: BBC News
Microsoft and Zoom say they will not process data requests from the Hong Kong authorities while they consider a new security law.
The news follows anouncements from Facebook, Google, Twitter and chat app Telegram, declaring similar “pauses” in compliance over the past week.
China passed the new law on 30 June, making it a criminal offence to support independence, and enabling the authorities to punish protesters more easily. Apple says it is “assessing” the rules.
If tech firms make their non-compliance policies permanent, they could face restrictions or a ban on their services in the semi-autonomous region.
And while Facebook, Google, Twitter and Telegram’s services are blocked in mainland China, the same is not true of Microsoft, Zoom and Apple.
The business had previously said it would not comply with Chinese government requests to access TikTok users’ data. It operates a similar service called Douyin in its home market, which could theoretically become a substitute. However, Bytedance has indicated it does not have plans to do so at this time.
Source & full story: BBC News
Earlier this week, LinkedIn was in the news, having been exposed by Apple’s iOS 14 new privacy notification feature. The same developer that spotted the LinkedIn app accessing his clipboard data with every keystroke, Don Morton, has also posted a video to Twitter showing the Reddit app exhibiting the same worrying behavior.
In total, 53 apps have been found to be accessing clipboard data upon startup. However, TikTok was accessing the data with every few keystrokes.
TikTok quickly responded, letting it be known that it did not collect or store any clipboard data — and the functionality had been disabled in a June 27 app update.
Source & full story: Forbes