Hello Friends,
Centre seeks public comments on Draft Guidelines for Prevention and Regulation of Dark Patterns in India.
Draft Guidelines list various deceptive practices being adopted by online platforms in the nature of dark patterns that are against interests of consumers.
Enjoy reading!
Privacy Enforcement
Norway's DPA fines fitness chain NOK10M
Norway's data protection authority, Datatilsynet, announced it imposed an NOK10 million fine against fitness club SATS for allegedly violating the EU General Data Protection Regulation. SATS allegedly breached GDPR provisions for data subject rights to access and erasure, as Datatilsynet received several complaints between 2018-2021
Data Breach
Insufficient cybersecurity caused PSNI data breach
A data breach affecting the Police Service of Northern Ireland was due to a lack of data protection policies and extensive security failings. The cyberattack was the largest data breach in the history of U.K. policing. Police said it was a wake-up call for every force across the U.K.
Privacy in Spotlight
Google takes steps to protect location history
Google announced it will shorten the length of time location history is stored on its devices, save a person's timeline of locations to their device and give them the ability to delete that information at any time. The update could drastically limit the ability for governments to use geofence warrants, which are used to compel companies to turn over information about the location of a device within a certain geographic region
NCMEC warns Meta's end-to-end encryption plan is a child safety risk
Nonprofit National Center for Missing & Exploited Children said Meta's end-to-end encrypted messaging could be a devastating blow to child safety and privacy protections. Meta claims users can report behavior that violates the company's social media guidelines while using end-to-end encryption to protect personal privacy.
Amazon package resale raises privacy concerns
Packages returned to Amazon with original shipping labels containing personal data were resold at Toronto liquidation store Top Binz. The packages included the original buyer's name, address, and phone number. Amazon said it requires liquidators to discard identifiable information before reselling a product and will be launching an internal investigation.
Meta launches default encrypted messaging
Meta announced the launch of end-to-end encryption by default for Facebook and Instagram messaging. Fully encrypted messages raise concerns that child predators' illegal activity on social media could be protected. Meta said in its announcement it has taken measures to ensure the safety of users, including privacy and safety controls to prevent unwanted messages.
Regulations
NIST issues guide on differential privacy
The U.S. National Institute of Standards and Technology released guidance for employing differential privacy as a privacy-enhancing measure. Notably, the guidance is part of NIST's work to fulfill a guidance mandate in U.S. President Joe Biden's executive order on artificial intelligence, which called for an evaluation of the efficacy of differential-privacy-guarantee protections, including for AI. Differential privacy involves adding a mathematical algorithm to a dataset to avoid revealing data subjects' identities.
Utah's consumer privacy law takes effect 31 Dec.
The Utah Office of the Attorney General released updated guidelines on what businesses and consumers should expect when the state's Protection of Personal Information Act takes effect 31 Dec. The law requires businesses to implement data security practices to protect users' confidentiality, and consumers have the right to request what data is collected on them and to opt out of personal data collection used in advertising.
India drafts Dark Patterns guidelines
The India Department of Consumer Affairs issued proposed guidelines to prevent deceptive marketing tactics or dark patterns. The guidelines note marketing strategies such as forced actions, false urgency, and disguised advertisements should be regulated to prevent consumers from being negatively targeted by companies.