A proposed CAD9 million settlement to resolve a class-action lawsuit against Meta for privacy violations has been submitted to a Quebec court, The Winnipeg Free Press reports. According to the lawsuit, Meta was accused of sharing Facebook users' data with third parties without their consent, however, the plaintiffs did not seek monetary damages. If accepted, the settlement would be divided equally among several Quebec universities to fund research and educational programs to promote privacy rights.
Full story
Author: IAPP IAPP News
Indonesia's Ministry of Communication and Digital Affairs held an informational session with several online service providers to gather input on how to best protect children online. They discussed potential social media age requirements and the best methods to create age verification systems as well as risk classification levels for certain digital services.
Full story
The Washington Post reports U.S. Sens. Ron Wyden, D-Ore., and Andy Biggs, R-Ariz., are asking National Intelligence Director Tulsi Gabbard to demand the U.K. government rescind its request asking Apple to create a backdoor to all encrypted data. The senators argued the U.S. should limit its data sharing with the U.K. if the request persists because it puts user data at risk.
Full story
Central Alberta Online reports the retailer Peavey Industries is warning people scammers have been creating fake websites and social media accounts in an attempt to defraud customers. The company is closing all of its Peavey Mart locations and only offering in-person sales.
Full story
C3SA Cyber Security Audit Privacy and Data Ethics Consultant Sophia Muller, CIPP/C, CIPM, FIP, argues in a Financial Post op-ed that Canadian businesses must build up their privacy and security initiatives despite economic uncertainty surrounding tariffs. "Despite federal bills such as the Digital Charter Implementation Act (Bill C-27) and the Cyber Security Act (Bill C-26) being stalled, Canadian businesses cannot afford to wait. Provinces are progressing with their privacy and security legislation," she wrote.
Full story
A website operated by the 8Base ransomware group was recently taken down after Thailand law enforcement arrested four individuals with alleged ties to the group, The Record reports. 8Base's website, which previously contained leaks of stolen data, now displays a banner with the logos of multiple law enforcement agencies, including the FBI, the U.K.'s National Crime Agency and federal German police.
Full story
Romania's National Supervisory Authority for Personal Data Processing alleged a high school violated the EU General Data Protection Regulation after investigating a complaint on personal data collection through security cameras. The authority alleged the school did not put adequate data protection measures in place.
Full story
In the fourth installment of a series on AI literacy, Knowledge Bridge AI co-founder and EWR Consulting's Erica Werneman Root, CIPP/E, CIPM, and SkyShowtime Chief Compliance Officer and Mahay Consulting Services Director Monica Mahay, CIPP/E, CIPM, FIP, explore how to integrate the concept of AI literacy into compliance frameworks. They share three key steps on how AI literacy can be "embedded throughout the operational fabric of an organization."Â
Full story
The wave of comprehensive state privacy laws across the U.S. has led to the establishment of a "cottage industry of authorized agent providers" who are designated by individuals to exercise their rights under certain states' privacy laws, Network Advertising Initiative Vice President and General Counsel Tony Ficarrotta, CIPP/US, writes in an op-ed. Ficarrotta opines that some authorized agent providers are "misleading consumers, failing to effectively exercise consumers' rights and ultimately creating more privacy concerns than they address."
Full story
Join the IAPP for a LinkedIn Live 19 Feb. for a conversation on the intersection of national security and data security at play in the U.S. executive order limiting bulk transfers of sensitive data to adversarial countries. IAPP Cybersecurity Law Center Director Jim Dempsey speaks with Paul Weiss Partners John Carlin and Rush Atkinson about how the Department of Justice-enforced rule will require businesses to examine their data sharing arrangements in vendor, employee and investment relationships to ensure compliance.
Full story