The Data Drop News for Friday, October 29, 2021

California Enacts New Privacy Law for Genetic Data. Facial recognition cameras arrive in UK school canteens. The New York City Police Department continues to use surveillance drones the US government has made moves to ban. New US Cybersecurity Act gives CISA 120 days to study the cybersecurity risks facing K-12 schools, including ransomware attacks. New bills aim at Apple, Google and Facebook as U.S. attempts to catch up to Europe’s Big Tech push. ‘Privacy concerns’: Trinity study reveals ‘massive’ data collection by Android devices with no opt-out for users. Plus, the latest in privacy-enhancing technology!

Pro tip: listen to The Data Drop at the gym, in the car, or anywhere and anytime you like by subscribing to our podcast.

California Enacts New Privacy Law for Genetic Data

California’s governor recently signed bill SB 41 into law and enact the Genetic Information Privacy Act (GIPA). The governor rejected a similar bill last year over concerns about COVID-19 public health efforts. To address that concern, this bill exempts tests used to diagnose whether an individual has a specific disease.

Facial recognition cameras arrive in UK school canteens

School cafeterias in the UK are using facial recognition technology to take pupils’ lunch money. Many British schools have used other biometric systems, such as fingerprint scanners, to take payments for years, but privacy campaigners said there is little need to normalize facial recognition technology which has been criticized for operating without explicit consent.

NYPD continues to use drones the US government wants to ban

The New York City Police Department, the largest in the United States, is continuing to use surveillance drones manufactured by a Chinese company that the U.S. government has made moves to ban, labeling them a “national security threat” that may provide “critical infrastructure and law enforcement data to the Chinese government.”

New law gives CISA deadline to study cybersecurity risks facing K-12 schools

Now that US President Joe Biden has signed what is believed to be the first K-12 cybersecurity-focused law, school cyber experts say the work has only just begun.

The K-12 Cybersecurity Act, introduced by Senators Gary Peters and Rick Scott gives the Cybersecurity and Infrastructure Security Agency just 120 days to study the cybersecurity risks facing K-12 schools, including ransomware attacks.

New bills aim at Apple, Google and Facebook as U.S. attempts to catch up to Europe’s Big Tech push

US senator Amy Klobuchar has announced plans to introduce a bipartisan bill that would prevent Big Tech companies like Apple, Google and Facebook from favoring their products at the expense of third-party vendors.

In the House of Representatives, a group of Democrats recently announced plans to introduce a bill to remove certain liability protections for tech platform operators.

Section 230 of the Communications Decency Act generally provides internet platforms legal immunity from posting of third-party content.

‘Privacy concerns’: Trinity study reveals ‘massive’ data collection by Android devices with no opt-out for users

The forced opt-in of data collection on Android phones raises a “number of privacy concerns” according to new research conducted by Trinity College Dublin and the University of Edinburgh.

The research, which centred on a range of popular Android mobile phones, revealed significant data collection and sharing, including with third parties, with no opt-out available to users.

Australian Online Privacy Bill to make social media age verification

mandatory for tech giants, Reddit, Zoom, gaming platforms

In Australia, a new Bill targeting social media platforms is seeking stronger penalties for user privacy breaches which could see companies fined as much as 10% of their annual turnover. The Bill is seeking to expand the country's Privacy Act to allow the government to specifically regulate 3 classes of organization: Social media platforms, data brokers, and large online platforms.

Google Successfully Slowed Down and Delayed Europe's ePrivacy Regulation Process, According to the Lawsuit

According to internal documents filed with the EU, search giant Google stated that was able to successfully delay the European privacy rules by acting in concert with other tech companies. The legal filing was released as part of a lawsuit filed by Texas and 11 other US states which argued that Google abuses its power over complex technology that delivers online ads.

U.S. Warns of Efforts by China to Collect Genetic Data

Chinese firms are collecting genetic data from around the world, part of an effort by the Chinese government and companies to develop the world’s largest bio-database, American intelligence officials reported. The National Counterintelligence and Security Center said in a new paper that the United States needs to better secure critical technologies including artificial intelligence, quantum computing, semiconductors and other technologies related to the so-called bioeconomy.

PET News

The latest in privacy-enhancing technology

Cytrio launches with $3.5M to help SMEs meet data privacy regulation demands

Cytrio, a Boston-based data privacy and compliance startup, has launched its software-as-a-service privacy rights management platform after landing $3.5 million in seed funding.

Skyflow Secures $45M to Expand Health Data Privacy Vault

Skyflow, a Palo Alto, CA-based customer data privacy company, announced a $45M Series B financing round led by Insight Partners. Skyflow delivers a zero-trust data vault via a simple API, powered by its unique polymorphic data encryption approach, and has launched horizontal and vertical products to meet these needs.

Aware raises $60M in funding to help manage compliance and risk in Slack and Teams

Collaboration and governance startup Aware has raised $60 million in a new round of funding. Aware has built an artificial intelligence-powered platform that delivers governance, risk, compliance and insights for enterprises across the digital collaboration tools used by their workforce, such as Slack and Teams.

The company says these capabilities are increasingly necessary in today’s world, where concepts such as remote work and hybrid work are expected to remain the norm.

Facebook quietly acquires synthetic data startup AI.Reverie

Facebook has quietly acquired AI.Reverie, a New York-based startup that offered APIs and a platform that procedurally generated fully annotated synthetic videos and images for AI systems.

Synthetic data, which is often used in tandem with real-world data to develop and test AI algorithms, has come into vogue as companies embrace digital transformation during the pandemic. In a recent survey of executives, 89% of respondents said synthetic data will be essential to staying competitive. And according to Gartner, by 2030, synthetic data will overshadow real data in AI models.

Gretel AI raises $50M for a platform that lets engineers build and use synthetic data sets to ensure the privacy of their actual data

Gretel AI, which lets engineers create anonymized, synthetic datasets to use in analytics and machine learning models has closed $50 million in funding. Their product is still in beta but aims to be open to general availability later this year.

The Data Drop is a production of the Data Collaboration Alliance, a nonprofit advancing meaningful data ownership and inclusive innovation through open research and free skills training. To learn more about our partnerships, the Information Ownership Network, or the Data Collaboration University, please visit datacollaboration.org.