Hello Friends,
DPDP Rules likely to be delayed until after Lok Sabha elections & European Commission determines New Zealand adequate for data transfers
Enjoy reading!
Privacy Enforcement
Streaming services receive CCPA violation notices from the California Attorney General
California Attorney General announced an investigative sweep and revealed plans to dispatch letters to businesses featuring popular streaming apps and devices. These letters mention that these businesses are not in compliance with the California Consumer Privacy Act (CCPA), particularly for businesses engaged in selling or sharing consumer personal information. This includes those that do not provide a straightforward mechanism for consumers who wish to opt-out of the sale of their data.
Italy’s Data Protection Authority issues notice to Open AI for GDPR violations
The Italian Data Protection Authority (DPA), Garante, has reported violations of data protection laws to OpenAI. After imposing a temporary ban on OpenAI in the previous year. Post investigation, the Italian DPA has determined that the evidence suggests breaches of the regulations outlined in the EU General Data Protection Regulation (GDPR).
Netherlands Data Protection Authority fines credit card company for failure to conduct DPIA
The data protection authority of the Netherlands has declared a penalty against the credit card company International Card Services. The AP imposed a fine of 150,000 euros on the company, citing an alleged failure to conduct a data protection impact assessment before processing the personal data of 1.5 million customers.
Data Breach
South Tees Hospital NHS Foundation Trust reprimanded for serious and harmful breach
The Information Commissioner's Office (ICO) disclosed that it has officially reprimanded South Tees Hospitals NHS Foundation Trust for a data breach that led to the unauthorized disclosure of sensitive information to a family member without proper authorization.
Panic ensues as over 26 billion records, including those of LinkedIn, X, Venmo, and others, leaked
Over 100 billion records may have been leaked across twenty brands, with Tencent's 1.5 billion being the largest. Well-known Western brands like LinkedIn, X, Venmo, Canva, Apollo, and Adobe have also fallen victim to the breach. Cybernews Head of Security Research, Mantas Sasnauskas, captured the enormity of the breach, stating, "It's likely that a significant portion of the population has been impacted."
Privacy in Spotlight
New Zealand determined ‘adequate’ by European Commission for Data transfers
The European Commission has affirmed that New Zealand ensures a sufficient standard of data protection in the exchange of data between the European Union and New Zealand. According to Michael Webster, the Privacy Commissioner of New Zealand, this adequacy designation signifies that New Zealand is a favorable location for global business, boasting robust privacy safeguards within its legal framework and serving as an empowered regulatory authority.
Regulations
Sources state that Indian DPDP Rules likely to be delayed till elections
It was reported that the finalization of India's new digital data protection law framework might extend until the Lok Sabha elections of 2024. The regulations, developed as part of the Digital Personal Data Protection Act, are said to be in the concluding phases of drafting. However, they still require completion of the public consultation process and other regulatory steps before they can be implemented.
White House plans a new executive order on foreign access of Americans' personal data
The Biden administration is in the process of formulating an executive order aimed at preventing foreign adversaries from accessing highly sensitive personal data pertaining to Americans and individuals associated with the U.S. government. This move comes to prevent the exploitation of data for blackmail and espionage.