Websites selling abortion pills sharing data with Google, the My Health My Data Act, the “no fly” list accidentally exposed, a state privacy legislation bonanza … and more!<\/p>\n
Jennifer Gollan on ProPublica (propublica.org)<\/p>\n
That’s bad. \u00a0Using the Markup’s Blacklight tool<\/a>, a nonprofit tech-journalism newsroom, ProPublica ran checks on 11 online pharmacies that sell abortion medication to reveal the web tracking technology they use. \u00a0At least 9 of them had web trackers.<\/p>\n These third-party trackers, including a Google Analytics tool and advertising technologies, collect a host of details about users and feed them to tech behemoth Google, its parent company, Alphabet, and other third parties, such as the online chat provider LiveChat. Those details include the web addresses the users visited, what they clicked on, the search terms they used to find a website, the previous site they visited, their general location and information about the devices they used, such as whether they were on a computer or phone…. <\/p>\n While many people may assume their health information is legally protected, U.S. privacy law does little to constrain the kind or amount of data that companies such as Google and Facebook can collect from individuals. Tech companies are generally not bound by the Health Insurance Portability and Accountability Act, known as HIPAA, which limits when certain health care providers and health plans can share a patient\u2019s medical information. Nor does federal law set many limits on how companies can use this data.<\/p><\/blockquote>\n Jessica Lyons Hardcastle on The Register (theregister.com)<\/p>\n My Health My Data, a bill currently in Washington’s state legislature, would protect health data that collected by apps and websites — including reproductive health care data. \u00a0For some reason, the articles about it so far have focused on period-tracking apps, but that’s only the tip of the iceberg.<\/p>\n “Think about period-tracking apps that can sell information about a woman’s missed or late period,” [sponsor Rep. Vandana] Slatter said. “Or a pregnancy crisis center that someone visits and then learns they can’t receive an abortion, but their information can be sold to anti-abortion groups. Or digital advertising firms that set up geofencing around healthcare facilities. This bill is about closing the gap on health data privacy protections from the technological side of it.”<\/p><\/blockquote>\n I talked more about My Health My Data and its prospects here last week in A much more favorable environment: Washington state privacy legislation 2023<\/a>, and with a hearing on Tuesday I’ll have more to say about it soon!<\/p>\n ALSO:<\/strong><\/p>\n A pair of articles about My Health My Data, a bill introduced by Democrats in Washington\u2019s state legislature would prevent private health data that is collected by apps — particularly those that track menstrual cycles — from being shared without consumers\u2019 consent.<\/p>\n Mikael Thalen on The Daily Dot (dailydot.com)<\/p>\n CommuteAir, a United Airlines subsidiary, left a copy of the U.S. No Fly List on an unsecured server as a file named “NoFly.csv” that could be viewed by anyone. \u00a0<\/p>\n The list, according to crimew, appeared to have more than 1.5 million entries in total. The data included names as well as birth dates. It also included multiple aliases, placing the number of unique individuals at far less than 1.5 million.<\/p><\/blockquote>\n Dustin Volz and Byron Tau on The Wall Street Journal (wsj.com)<\/p>\n Law-enforcement agencies across the U.S. have direct access to over 150 million transactions housed at an Arizona-based nonprofit.<\/p>\n Cristiano Lima on the Washington Post (washingtonpost.com)<\/p>\n A roundup of some of the various laws being proposed, including<\/p>\n That’s a lot!<\/p>\n Tonya Riley on CyberScoop (cyberscoop.com)<\/p>\n More states are following California\u2019s lead in regulating children\u2019s privacy. But experts say the laws raise many tough questions.<\/p>\n Brenna Goth and Skye Witley on Bloomberg Law (news.bloomberglaw.com)<\/p>\n Consumers across the US could gain more control over how companies collect and use their personal information through state legislative efforts to create new data privacy requirements.<\/p>\n Felicity Slater, Future of Privacy Forum (fpf.org)<\/p>\n A look at rules and enforcement actions, in the US and around the world, targeting manipulative design practices online. <\/p>\n These efforts are complex and address a range of consumer protection issues, including privacy and data protection risks. They raise thorny questions about how to distinguish between lawful designs that encourage individuals to consent to data practices, and unlawful designs that manipulate users through unfair and deceptive techniques. As policymakers enforce existing laws and propose new rules, it is crucial to identify when the design and default settings of online services constitute unlawful manipulative design that impairs user\u2019s intentional decision-making.<\/p><\/blockquote>\n Natasha Singer on NYTimes (nytimes.com)<\/p>\n Dutch privacy negotiators have spurred major changes at Google, Microsoft and Zoom, using a landmark European data protection law as a lever.<\/p>\n Data & Society on Data & Society: Points (points.datasociety.net)<\/p>\n The rise of data-centric technologies is an opportunity for the labor and racial justice movements to build new bridges.<\/p>\n Natasha Lomas on TechCrunch (techcrunch.com)<\/p>\n A \u20ac390M privacy fine against Meta\u2019s behavioural ads issued earlier this month in the EU was several billion dollars smaller than it should have been, argues the original complainant.<\/p>\n on Privacy Laws & Business (privacylaws.com)<\/p>\n Chi Onwurah on WIRED (wired.com)<\/p>\n In a post-Roe world, bodily autonomy must include control over personal data.<\/p>\n Matt Burgess on WIRED (wired.com)<\/p>\n Cupertino puts privacy first in a lot of its products. But the company still gathers a bunch of your information.<\/p>\n Elizabeth MacBride on CNBC (cnbc.com)<\/p>\n Many individuals and businesses rely on Google and Microsoft email programs created long ago, and big tech email \u2018age\u2019 is a big cybersecurity risk.<\/p>\n on noyb.eu (noyb.eu)<\/p>\n The DPC has turned a blind eye on the revenue generated by Meta from violating the GDPR since 2018. Ignoring the EDPB demand to include the unlawful revenue of Meta, reduced the fine by 3,97 Mrd EUR.<\/p>\n Mathew J. Schwartz on bankinfosecurity.com<\/p>\n European data protection regulators last year imposed known privacy and data breach fines under GDPR collectively worth at least 2.9 billion euros, or $3.1 billion,<\/p>\n Jess Jones on CityAM (cityam.com)<\/p>\n The UK\u2019s data watchdog has played down potential privacy concerns linked to connected technology, arguing that strong demand for devices like the Amazon<\/p>\n Myriad Interactive on Snell & Wilmer (swlaw.com)<\/p>\n Snell & Wilmer is one of the largest law firms in the western Unites States.<\/p>\n Neil Richards and Danielle Citron on Tech Policy (techpolicy.com)<\/p>\n In a UVA Common Law podcast, privacy law expert Neil Richards, law professor at Washington University in St. Louis, joins University of Virginia law professor Danielle Citron to discuss how privacy regulation could ensure that information cannot be used to gain control and influence others.<\/p>\n Caitlin Vogus, Emma Llans\u00f3, Samir Jain on Center for Democracy and Technology (cdt.org)<\/p>\n The Center for Democracy & Technology and six technologists with expertise in online recommendation systems filed an amicus brief today in Gonzalez v. Google. The brief urges the U.S. Supreme Court to hold that Section 230\u2019s liability shield applies to claims against interactive computer service pro\u2026<\/p>\n Jen Patja Howell on Lawfare (lawfareblog.com)<\/p>\n Lawfare fellow in technology policy and law Eugenia Lostri sat down with Laurent Richard and Sandrine Rigaud to talk about their new book, \u201cPegasus: How a Spy in Your Pocket Threatens the End of Privacy, Dignity, and Democracy.\u201d<\/p>\n Molly Loe on TechHQ (techhq.com)<\/p>\n Question\u2019s around Apple privacy policies as it\u2019s found that Apple\u2019s own applications identify users personally and phone data home.<\/p>\n Sarah Perez on TechCrunch (techcrunch.com)<\/p>\n Facebook parent Meta announced today it\u2019s further centralizing various user settings across its suite of apps \u2014 Facebook, Instagram, and Messenger. As a result, several existing settings will be relocated to Meta\u2019s \u201cAccounts Center\u201d feature, first launched in 2020. Specifically, the changes will see\u2026<\/p>\n Melissa Cooper, Sovrn on Digiday (digiday.com)<\/p>\n A new set of state-specific privacy regulations<\/a> is scheduled to take effect in 2023.<\/p>\n Kamal Ahmed on Asia News Network (asianews.network)<\/p>\n Without legal safeguards, putting in place such surveillance systems aimed at suspected anti-state activities carries serious risks of innocent victims being harassed.<\/p>\n Mallory Acheson on JD Supra (jdsupra.com)<\/p>\n By now, most businesses are aware of the growing requirements to provide notice to consumers regarding how a business uses and discloses personal information.<\/p>\n Image credit: Originally by Nick Youngson<\/a>, licensed from Alpha Stock Images<\/a> under CC BY-SA 3.0<\/a> via Picpedia<\/a><\/p>\n Websites selling abortion pills sharing data with Google, the My Health My Data Act, the “no fly” list accidentally exposed, a state privacy legislation bonanza … and more! Privacy After Roe Websites Selling Abortion Pills Are Sharing Sensitive Data With Google Jennifer Gollan on ProPublica (propublica.org) That’s bad. \u00a0Using the Markup’s Blacklight tool, a nonprofit […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[460],"class_list":["post-4183","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-privacy-news"],"_links":{"self":[{"href":"https:\/\/2024.thenexus.today\/index.php\/wp-json\/wp\/v2\/posts\/4183","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/2024.thenexus.today\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/2024.thenexus.today\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/2024.thenexus.today\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/2024.thenexus.today\/index.php\/wp-json\/wp\/v2\/comments?post=4183"}],"version-history":[{"count":0,"href":"https:\/\/2024.thenexus.today\/index.php\/wp-json\/wp\/v2\/posts\/4183\/revisions"}],"wp:attachment":[{"href":"https:\/\/2024.thenexus.today\/index.php\/wp-json\/wp\/v2\/media?parent=4183"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/2024.thenexus.today\/index.php\/wp-json\/wp\/v2\/categories?post=4183"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/2024.thenexus.today\/index.php\/wp-json\/wp\/v2\/tags?post=4183"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}Proposed Washington law puts period-tracking apps on notice<\/a><\/h3>\n
\n
<\/h4>\n
Surveillance<\/h2>\n
U.S. airline accidentally exposes \u2018No Fly List\u2019 on unsecured server<\/a><\/h3>\n
Little-Known Surveillance Program Captures Money Transfers Between U.S. and More Than 20 Countries<\/a><\/h3>\n
State privacy legislation<\/h2>\n
States are readying a flurry of privacy bills as Washington stalls<\/a><\/h3>\n
\n
State legislators aren\u2019t waiting for Congress to regulate children\u2019s online privacy<\/a><\/h3>\n
Data Privacy \u2018Panoply\u2019 Looms as States Move to Fill Federal Hole<\/a><\/h3>\n
And …<\/h2>\n
The Future of Manipulative Design Regulation<\/a><\/h3>\n
How the Netherlands Is Taming Big Tech<\/a><\/h4>\n
Thinking and Reading at the Intersection of Labor, Race, and Tech<\/a><\/h4>\n
Meta dodged a \u20ac4BN privacy fine over unlawful ads, argues GDPR complainant<\/a><\/h4>\n
The year in UK GDPR regulatory enforcement action<\/a><\/h4>\n
The Battle Over Women\u2019s Data<\/a><\/h4>\n
All the Data Apple Collects About You\u2014and How to Limit It<\/a><\/h4>\n
The big risk in the most-popular, and aging, big tech default email programs<\/a><\/h4>\n
Irish Data Protection Authority gives \u20ac 3.97 billion present to Meta. Authority allegedly unable to assess financial benefit from Meta\u2019s GDPR violations.<\/a><\/h4>\n
Privacy Fines: GDPR Sanctions Last Year Surged to $3 Billion<\/a><\/h4>\n
UK data agency plays down privacy risks of connected tech, as demand for Amazon Alexa and Google Nest show consumer trust<\/a><\/h4>\n
Privacy Shield 2.0 What\u2019s Next for International Data Transfers?<\/a><\/h4>\n
Podcast: Why Privacy Matters<\/a><\/h4>\n
CDT and Technologists File SCOTUS Brief Urging Court To Hold that Section 230 Applies to Recommendations of Content<\/a><\/h4>\n
Podcast: How a Spy in Your Pocket Threatens the End of Privacy, Dignity, and Democracy<\/a><\/h4>\n
Apple privacy under question as apps get independent checks<\/a><\/h4>\n
Meta centralizes more user and privacy settings across its apps, announces changes to ads controls<\/a><\/h4>\n
Publishers are preparing for 2023\u2019s new consumer privacy laws<\/a><\/h4>\n
How can breaching citizens\u2019 privacy be lawful?<\/a><\/h4>\n
Obtaining Consent for Privacy Practices<\/a><\/h4>\n
\n<\/h4>\n","protected":false},"excerpt":{"rendered":"