top of page
  • Team

The Data Drop News for Friday, February 11, 2022

Meta threatens to pull Instagram and Facebook in Europe over privacy laws. IRS ends use of facial recognition after widespread privacy concerns. Google and OpenMined differential privacy tool for Python developers processing data. Massachusetts lawmakers advance state-level data privacy law. FBI warns of LockBit 2.0 ransomware. EU digital sovereignty project Gaia-X hands out ID tech contracts. Plus, the latest in privacy-enhancing technology.


Pro tip: listen to The Data Drop at the gym, car, or while walking the dog by subscribing to our podcast. Data pros can also join the Node Zero community to access, query and bookmark our global dataset of stories from our Privacy Newsfeed tool.

Meta threatens to pull Instagram and Facebook in Europe over privacy laws

In a new regulatory filing this month, Meta renewed previous threats that it would be forced to pull Facebook and Instagram from the EU if an agreement on data transfers and warehousing isn’t reached.


Meta said in its 10-K filing that “If a new transatlantic data transfer framework is not adopted… we will likely be unable to offer a number of our most significant products and services, including Facebook and Instagram, in Europe”


The United States and the European Union have been in negotiations to create a new transatlantic data transfer pact since 2020 over fears that EU citizens’ data isn’t safe once transferred to the United States.


IRS ends use of facial recognition after widespread privacy concerns

The Internal Revenue Service has announced that it has stopped plans to use third-party facial recognition services to verify taxpayers’ identities, ending their contract with ID.me


This follows weeks of criticism after the agency said that by the summer of 2022, ID.me would be the only way for taxpayers to log in to irs.gov., which would have required all users to upload a selfie to access their account.


IRS Commissioner Chuck Rettig said that “The IRS takes taxpayer privacy and security seriously,” adding that “Everyone should feel comfortable with how their personal information is secured, and we are quickly pursuing short-term options that do not involve facial recognition.”


Google and OpenMined differential privacy tool for Python developers processing data

Google debuted a new product developed with OpenMined that allows any Python developer to process data with differential privacy.


The two have been working on the project for a year, and Google said the freely available privacy infrastructure will help "the global developer community build and launch new applications for differential privacy, which can provide useful insights and services without revealing any information about individuals."


Miguel Guevara, Product Manager for Google's Privacy and Data Protection Office, added that they reached out to OpenMined last year to surface the idea of building the Python product, with the goal of making it the most usable end-to-end differential privacy solution freely available. They immediately jumped onboard.


Massachusetts lawmakers advance state-level data privacy law

State lawmakers in Massachusetts have advanced The Massachusetts Information Privacy and Security Act, which contains "core internet privacy rights, protections, and standards” for the state.


If the bill passes, Massachusetts would join California, Colorado, and Virginia that have passed state-level data privacy laws in the absence of one at the federal level.


Lawmakers say the bill would allow for Massachusetts residents to opt-out of the sale of personal information, and limit how companies can use or disclose information like biometric data, location data, or racial data. It will also give residents the right to access, delete, correct, or transport personal information that a company collected about them.


FBI warns of LockBit 2.0 ransomware

The FBI has published a new warning about LockBit 2.0., recommending that companies enable multi-factor authentication and use strong, unique passwords for all accounts to avoid ransomware attacks.


LockBit 2.0 targets Windows PCs and Linux servers via bugs in VMWare's type 1 hypervisor and has hit tech services giant Accenture and France's Ministry of Justice, among others.