Blog

Back to list

What’s Going On In The World of Privacy – September 2019

With more than 3,800 data breaches and at least 60 GDPR related fines since the start of the year, the world of privacy has become very hectic. It almost seems like there is a new data breach or Facebook related scandal every few days. So how does one keep up with all the news?

To help you stay in the loop, we have are launching a new monthly blog series that will summarize all the amazing (and not so amazing) privacy related news of each month. So if you had a hard time keeping track of all the fines, data breaches, shocking reveals and Facebook drama in August, read on!

 

 

Data Breaches & Leaks

This year is officially the worst year on record in terms of data breaches. Compared to mid-2018, the first six months of this year have had 54% more reported breaches. September seems to have continued the trend with data breaches affecting airlines, gamers, retailers, and even the government.

  1. 2.5 million Yves Rocher customers were affected by a data leak.
     
  2. Nearly every individual in Ecuador (including Julian Assange) was affected by a data breach. Shortly after, the director of a data analytics company was arrested for his involvement.
      
  3. Data of 200 million Android and iOS Gamers was stolen from Zynga by a cybercriminal.
     
  4. US Federal Emergency Management Agency (FEMA), which assists survivors of disasters, revealed that it overshared the personal information of 2.5 disaster survivors.
     
  5. Thousands of resumes from the job seeking site Monster.com were found on an exposed web server.
     
  6. Details of 46 million passengers of Malaysian airlines were exposed by an ex-employee of a contractor firm.
     
  7. DoorDash confirmed a data breach that exposed the details of almost 5 million delivery workers and merchants.
     
  8. 198 million records of people interested in buying a car were found online.
     
  9. A hacker leaked data of 24 million Lumin PDF users after the company failed to reply to him.

 

 

Privacy Fails

Data breaches were not the only privacy fails last month. A number of companies were exposed as being not so privacy friendly. Some have even been trying to limit the compensation that individuals are entitled to due to massive data breaches.

 

  1. Only 28% of Europeans firms are fully complaint with the GDPR. In Sweden, this number is reported as low as 18%.
     
  2. European mental health websites were found to be sharing visitors’ information to ad companies.
     
  3. Brave accused Google of secretly sharing data with advertisers and trying to circumvent the GDPR.
     
  4. If you use a period-tracking app, it probably has been sending your details to Facebook.
     
  5. British Airways was accused of trying to limit compensation related to its data breach by creating a 17 week deadline.

 

 

Legislation, Activism and Recommendations

Fortunately, it seems like governments have been responding to these growing privacy problems with newer legislation. At the same time, activists have been taking local and national action to achieve immediate results.  

  1. The Australian Competition and Consumer Commission warned the public that loyalty programs are being used to gather and resell customers' data. These recommendations will be informing their new legislation.
     
  2. The new California privacy law only goes into effect next year, but already proposals have been made for a new, even stricter law.
     
  3. Protestors in San Diego called for an end to the “smart streetlight” technology that involves microphones and cameras.
     
  4. Activists have beem calling for the end of live facial recognition surveillance, as more public spaces are choosing to use it.
     
  5. Due to privacy concerns, Vancouver decided to cover cameras at bus stops that were built into digital advertisement signs.
     
  6. Courts do not always agree with activists, however. A court in Wales ruled that police may continue using facial recognition technology.

 

 

Tech & Innovation

Facial recognition tech topped headlines in September, as its use grew more widespread. A number of apps and new technologies were also extensively discussed, often due to the privacy concerns they raised. Interestingly, several of the more privacy friendly projects are being developed by large corporations.

 

  1. India disclosed plans for the world's largest facial recognition system.
     
  2. UK’s Gatwick airport announced that it will be permanently using facial recognition tech during customer boarding.
     
  3. Amazon announced a number of new devices and privacy updates.
     
  4. Chinese Zao app, which allows you to replace a celebrities face with yours, was heavily scrutinized due to privacy concerns.
     
  5. Google took over DeepMind, a British AI company that used NHS data without people’s consent.
     
  6. Norwegian researchers developed an app that allows you to anonymize your face during video calls.
     
  7. Microsoft and Harvard announced plans to develop a new privacy platform for researchers.
     
  8. Google open-sourced a tool that helps data scientists protect private information.

 

 

Facebook

Due to the constant privacy related mishaps Facebook seems to find itself in, we decided that it deserved a category of its own.

  1. Facebook released a white paper on data portability – the challenges and possible solutions.
     
  2. Tens of thousands of apps were removed by Facebook for privacy reasons.
     
  3. Facebook dating has launched and many people are concerned about the privacy implications.
     
  4. The company announced Portal TV, a video chat camera for your TV.
     
  5. Users will no longer be automatically opted into Facebook’s facial recognition feature.
     
  6. Despite the company’s claim that users suffered no harm, a judge has ruled that the class action against Facebook will proceed.
     

Overall, September seems to have been a mixed bag for the world of privacy. On one hand, data protection authorities continued to hold organizations accountable and some companies seemed to commit to making changes. On the other hand, facial recognition technology emerged as a controversial topic on a global scale. Hopefully, October brings some sort of resolution for facial recognition and other surveillance technologies.


We hope you found this overview of privacy related events in September useful. If you believe that we missed something that should be a part of this overview, please feel free to reach out to us via social media or at hi@privacyaudit.me.

Back to list