Hello Friends,
The government may give around six months to industry to align with the Digital Personal Data Protection Act, said, Minister of State for Electronics and IT Rajeev Chandrasekhar. However, the actual transition time will be decided after consultation with stakeholders.
Enjoy reading!
Privacy Enforcement
PIPC fines mobile company KRW8 billion following data breach
South Korea's Personal Information Protection Commission issued a KRW8 billion fine to telecommunications company LG Uplus following a data breach of nearly 300,000 records containing personal information. Additionally, LG Uplus received a KRW27 million administrative fine after its Customer Authentication System was breached by a hacker beginning in June 2018, which was not discovered until 23 Jan.
Data Breach
Hospital network reports 11 breaches in 2023
Hamilton Health Services has reported 11 privacy breaches to the Information and Privacy Commission of Ontario in 2023, including a recent incident in which eight now former employees accessed the personal health information of 4,000 patients. The IPC said it is investigating the recent incident, along with any systemic issues that may be at the root of it.
Privacy in Spotlight
FTC alleges Musk violated consent decree during X ownership
Elon Musk's ownership of X, the platform formerly known as Twitter, allegedly resulted in several violations of a 2011 U.S. Federal Trade Commission consent decree after it deceptively collected users' data. In the submission, FTC investigators alleged "Musk's directives and efforts to cut costs ran afoul of the company's security and privacy practices.
Privacy is what the internet eats to live
Charlie Warzel writes about digital privacy in a world of vast data collection and harvesting. Once our information has been collected, it ricochets around a labyrinthine ad-tech ecosystem made up of thousands of companies that offer to make sense of, and serve hyper-targeted ads based on it, he said. Our privacy is what the internet eats to live.
Regulations
India floats 6-month compliance deadline for DPDPA
India's Minister of State for Electronics and Information Technology Rajeev Chandrasekhar said the government may give the tech industry approximately six months to comply with the Digital Personal Data Protection Act. Chandrasekhar said the exact transition period will be determined through stakeholder consultation, but "will not give them (two) years while ensuring time "so the transition is orderly.
India seeks comment on dark patterns prevention
India's Department of Consumer Affairs opened a public consultation for draft guidelines and regulations on dark patterns prevention. The guidelines define practices or deceptive design patterns applied to users' platform interactions and aim to identify and regulate such practices that tend to manipulate or alter consumer choices. The public comment deadline is 5 Oct.
G20 leaders make privacy, AI declarations
G20 leaders recommitted to collaboration on artificial intelligence and privacy matters in their leaders' declaration during the recent meeting in New Delhi, India. The topics were mentioned among the leaders' commitments to technological transformation and digital public infrastructure. The declaration featured a dedicated section on "harnessing AI responsibly for good and for all while also discussing the importance of data free flow with trust and cross-border data flows while respecting applicable legal frameworks.
Delaware governor signs Personal Data Privacy Act
The Delaware Personal Data Privacy Act was signed by Gov. John Carney, D-Del., and will go into effect on 1 Jan. 2025. An outreach period to inform consumers and businesses will begin no later than 1 July 2024. Director of the Department of Justice's Fraud and Consumer Protection Division Owen Lefkon said the bill gives consumers choice and puts the control back in the hands of the consumer.