The breakfast chain Tim Hortons is defending four class action lawsuits in Canada for allegedly collecting user geolocation data without user consent. According to a regulatory report, the Tim Hortons mobile app secretly collected a vast amount of geolocation data without user consent, violating Canadian law. The app allegedly cataloged every time a user entered
Data Privacy
Anti-Vax Dating App Left Data Unprotected
Unjected, a dating app and the “largest unvaccinated platform” online, apparently left its entire website’s back end unsecured. Security researchers, working with Daily Dot reporters, reportedly accessed the site’s administrator dashboard, which had been left entirely unsecured and in de-bug mode. As a result, they got incredible access, including the ability to view and modify…
Location Data Industry Under Scrutiny for Inclusion of Planned Parenthood Clinics in their Services
INRIX, a company that provides location-based data analytics, has been collecting, analyzing, and selling aggregated vehicle, traffic, and parking data for over 17 years. Now, after the Roe v. Wade decision, INRIX is under scrutiny for its data collection tactics and the ability to view data related to Planned Parenthood clinics. In a brochure for…
Google Analytics Runs Afoul of GDPR
Recent reports from several European Data Protection Authorities (DPAs), the bodies empowered to regulate consumer privacy under the General Data Protection Regulation (GDPR), have ruled that Google Analytics violates the law. DPAs in Austria, France, and Italy have found that the tool, which allows website owners to track and analyze traffic to their sites, impermissibly…
Colorado Law Restricts Use of Facial Recognition Technology by Government Agencies
Ramping up its continued focus on data privacy, on June 8, 2022, Colorado Governor Jared Polis signed into law legislation aimed to limit the use of facial recognition technology by government agencies and state institutions of higher education.
The legislation, SB 113, requires an agency – defined as “an agency of the state government…
Draft CPRA Regulations Aim to Streamline Opt-Out Processes
On Friday, the newly created California Privacy Protection Agency (CPPA) issued its first proposed regulations under the California Privacy Rights Act (CPRA).
The proposed rules have drawn criticism for requiring companies to treat browser-based “Do Not Track” signals as consumers asserting their opt-out rights. This rule came as a surprise to many observers because, as…
Connecticut’s Privacy Law Signed by Governor
Connecticut Governor Ned Lamont signed the Personal Data Privacy and Online Monitoring Act (CPDPA) into law on May 10, 2022, making Connecticut the most recent state to pass its own privacy law in the absence of comprehensive federal privacy legislation. Connecticut follows in the steps of Nevada, California, Virginia, Colorado and Utah in enacting its…
You Might Want to Rethink That New Meditation App
Researchers from the Mozilla Foundation reviewed the privacy policies of 32 mental health apps ranging from guided meditation to telehealth counseling services and flagged 28 of them as having “Privacy Not Included.” In addition, the report sorts the apps from “Not creepy!” to “Super creepy!” (The rankings are each accompanied by a delightful emoji face…
Kentucky is The Latest State to Adopt the NAIC Insurance Data Security Model Law
Kentucky Governor Andy Beshear recently signed House Bill 474 to become the latest state to enact data insurance security legislation. The new law is modeled after the data security law of the National Association of Insurance Commissioners (NAIC). Licensees with more than 50 employees who are authorized to operate, or are registered under the insurance…
Last Week Tonight Host Pokes at Congress Over Data Brokering Regulation
John Oliver, comedian and host of HBO’s Last Week Tonight, called on Congress to issue broad data privacy legislation by making it elegantly personal – he bought their data. Following a 25-minute segment on the ubiquity of third-party trackers and data brokering, the late night host revealed that his staff had created an advertiser’s…