The Data Drop News for Thursday, April 15, 2021

Facebook disregarding data leak. The CIO Strategy Council's guide to responsible contact tracing. Critiques on Canada's proposed data privacy law. Companies changing privacy policies without consumers' consent. Plus, this week's Drop Shots!

Pro tip: get The Data Drop on your phone by subscribing to our podcast.

Facebook disregarding data leak.

A data leak involving hundreds of millions of Facebook users is being investigated as a possible GDPR violation.

Facebook says the leaked data is "old" and that it found and fixed the leak over 18 months ago. Ireland's Data Protection Commission intends to make sure that's true and could levy fines against the social media giant if not.

Regardless, the leaked data which contains the personal information of 533 million people in 106 countries has now been published for free in a hacking forum.

Cybersecurity expert Alan Gal added, "I have yet to see Facebook acknowledging this absolute negligence."

A guide to responsible contact tracing

In Canada, the CIO Strategy Council has published a new guide for employers on the responsible collection and use of digital contact tracing data in the workplace.

The Council will use this work as the basis of a new national standard for the responsible collection and use of such data and they are currently inviting stakeholders to provide input on these guidelines.

Insufficient Canadian digital privacy law

Staying in Canada, according to tech pioneer Jim Balsillie, Canada's draft federal digital privacy law has "more holes than Swiss cheese."

The proposed law promises that Canadians will have greater control over their online data and carries heavy penalties for companies that breach privacy. But Balsillie warns that it makes far too many concessions to Silicon Valley to be truly meaningful.

Do employees have no right to privacy?

Here's a trick question for you: In the world of data protection, when is a consumer not a consumer?

When they're an employee of course!

According to Virginia's new data privacy law, the definition of "consumer" expressly excludes individuals in the "employment context". In other words, Virginia's new law will not grant employees a right to privacy when it comes to their employers.

The rule is intended to avoid many of the headaches experienced by employers under California's recent privacy law. But critics including Alister McTaggart, who is the spearhead behind the CCPA, says it is an example of the sort of weak privacy laws favored by the tech giants and their lobbyists

Changing privacy policies without your consent

A study by the Center for Identity at the University of Texas has shown that only 1% of consumers make the effort to actually read privacy policies and many policies can be altered without consent.

In 85% of the 600 plus policies they studied, organizations declared the right to change their policies and considered the continued use of their products as tacit consent to those changes, even if the consumers were unaware of them.

This week's Drop Shots

Your quickfire news items from the world of data privacy

New MIT data initiative

MIT has launched a new data privacy initiative called "The Future of Data, Trust, and Privacy". The program will examine the confluence of data analytics, artificial intelligence, and global information platforms together with changing social attitudes about personal data.

CCPA court ruling

A federal court in the US has ruled that the California Consumer Privacy Act does not apply retroactively and has dismissed claims stemming from an alleged data breach of Walmart that occurred before January 1st, 2020.

Voting through your smartphone?

Apple CEO Tim Cook wants Americans to be able to vote from their iPhones. But while improving voting accessibility is a good thing, Cook's statement raises fresh questions about protecting voter identity and preventing unfair election influence.

The Data Drop News is a production of the Data Collaboration Alliance, a nonprofit working to advance data ownership through pilot projects in sustainability, healthcare, education, and social inclusion. We also offer free training in the Data Collaboration methodology. Listen to the Data Drop on our website or wherever you listen to your favorite podcasts.