Sep 242020
 September 24, 2020  Posted by  Breaches, Featured News, Govt, Non-U.S.

Clarity in Privacy reports:

On September 22, 2020, Brazil’s Public Ministry of the Federal District and Territories filed the first public civil action based on the country’s General Data Protection Law (“Lei Geral de Proteção de Dados” or “LGPD”).

According to the lawsuit, a company based in the city of Belo Horizonte sells personal information, including names, e-mail and postal addresses, and SMS contact numbers, of about 500,000 individuals on its website. The company’s website also offers data segmented by profession.  The Ministry alleged that company’s handling of personal information violated the LGPD and the right to privacy guaranteed by the Brazilian Constitution.

Read more on Clarip.

h/t, Michael A. Shapiro

Sep 242020
 September 24, 2020  Posted by  Featured News, U.S., Youth & Schools

Tyler Park reports:

Protections for student data privacy took an important step forward this summer when the Student Data Privacy Consortium (SDPC) released the first model National Data Privacy Agreement (NDPA) for school districts to use with their technology service providers. Ever since education technology (edtech) emerged as a key tool in classrooms, both schools and edtech companies have struggled to create data privacy agreements (DPAs) that adequately protect student data and meet both schools’ and providers’ needs. DPAs provide crucial protections for student data by limiting its use and sharing. A key challenge in that process is that US federal student privacy law and many state laws require specific contractual clauses or protections. The new NDPA addresses this challenge by streamlining the education contracting process and, in the SDPC’s words, establishing “common expectations between schools/districts and marketplace providers.”

Read more on Student Privacy Compass.

h/t, Joe Cadillic

Sep 222020
 September 22, 2020  Posted by  Misc

China Is Using Shenzhen Zhenhua Data To Conduct ‘Mass Surveillance’ on Millions of Citizens in US, UK, Australia and India:

Facebook Threatens to Pull Out of Europe If It Doesn’t Get Its Way:

Two years on from complaint to the Irish Data Protection Commission, the RTB (“Real-Time Bidding”)
data breach is the largest ever recorded, and appears to have worsened:


UK – Government to retain fingerprints and DNA profiles of COVID-19 infectees under national security:

Amazon, Microsoft Say Facial Recognition Lawsuits Mistarget Them:

Read these and many more news stories on Joe Cadillic’s MassPrivateI

Sep 222020
 September 22, 2020  Posted by  Business

Edward Ongweso Jr. writes:

On Wednesday, Facebook announced a new project: the company would send out a hundred employees and contractors equipped with glasses that would record every piece of audio, visual, and spatial information possible in public and private spaces.

During its Facebook Connect livestream, the company dubbed this effort part of “Project Aria,” a new attempt to research augmented reality and help Facebook understand potential ethical or privacy-related problems with AR and AR glasses. It will also have the incidental benefit of freely extracting and analyzing staggering amounts of data to ostensibly train algorithms powering this future project.

“We built Project Aria with privacy in mind and we’ve put provisions in place around where and how we’ll collect data a well as how it will be processed, used, and stored,” Andrew Bosworth, Facebook’s vice president of augmented and virtual reality, tweeted that day.

Read more on Vice.

h/t, Joe Cadillic