News Alerts and Breach Report for Week of October 24, 2022
Montana to Vote on Adding Data Privacy to Constitution
In November, Montana voters will have the opportunity to codify the protection of electronic data privacy in their state’s constitution. Amendment C-48 would update Article II, Section 11—which protects against unreasonable search and seizures—to include electronic data. Specifically, C-48 says: “The people shall be secure in their persons, papers, electronic data and communications, homes, and effects from unreasonable searches and seizures. No warrant to search any place, to seize any person or thing, or to access electronic data or communications shall [be] issued without describing the place to be searched or the person or thing to be seized, or without probable cause, supported by oath or affirmation reduced to writing.”
Privacy Professionals Weigh in on Trans-Atlantic Framework
With a new trans-Atlantic framework expected by 2023, privacy executives are weighing in on the agreement’s chances of passing. According to the Wall Street Journal, “At issue is whether U.S. companies, including tech giants such as Alphabet Inc.’s Google and Facebook parent Meta Platforms Inc., can store information about Europeans on U.S. soil and whether EU companies can use U.S.-based technology providers.” A deal would take the burden off legal departments, as standard contractual clauses are no longer required as a stopgap. But with the trans-Atlantic data-trade business valued at more than $1 trillion, skeptics are criticizing the deal as impermanent: Alea Garbagnati, head of privacy at Seattle-based Adaptive Biotechnologies Corp. “said it is difficult to balance executives’ expectations about what a new privacy deal might change when it is possible that the deal could be short-lived. She said she likely wouldn’t rush to go through a lengthy self-certification process to use the new arrangement when it is completed because it would be too much hassle if the deal doesn’t last.”
Virginia Senator Protests to Meta
Virginia Senator Mark R. Warner last week wrote Meta CEO Mark Zuckerberg to express concerns about the way Meta handles the private information of patients at the hospitals it contracts with. According to the Senator’s website, “Sen. Warner called attention to Meta Pixel, a tracking tool that sends Meta a packet of data whenever a user clicks a button to schedule a doctor’s appointment—without the knowledge of the individual making the appointment.” The post goes on to warn that this violation is part of a larger Meta scheme to harvest and collect data, and questioned Meta on the types of personal data it stores and collects, what steps Meta is taking to safeguard data, and how Meta is validating third-party vendors.
Australia Moves to Increase Data Breach Penalties
According to IAPP.org, Australian Attorney-General; Mark Dreyfus last week introduced a bill to increase penalties for privacy breaches. The bill amenda the Privacy Act 1988, which, according to IAPP, carries a maximum fine of AU$2.22 million/ Dreyfus’s proposed amendment could raise the maximum fine to $50 million.
* * * * * * *
To read our update on the Trans-Atlantic Data Privacy Framework, click here.
To browse through our previously published articles and news alerts, please visit our website, and don’t forget to subscribe to receive free weekly Data and Cyber Governance news and Breach Reports directly to your email.
Jody Westby hosts our podcast, ADCG on Privacy & Cybersecurity, which brings together leaders in the privacy and cybersecurity fields to discuss everything from regulations to tried-and-true compliance strategies. Find us on Spotify and Apple Podcasts.
79 | Understanding 5G Cybersecurity Issues (with guest Carlos Solari)
78 | The Nexus Between Privacy, Cybersecurity & National Security (with guest, Corey Simpson)
77 | Privacy & Cybersecurity Whistleblowers: A New Trend? (with guest, Andrew Grosso)
Don’t forget to subscribe!