Privacy newsletter - April 13, 2020

Welcome to the latest edition of the Privacy Insider Newsletter. Each week, we send you the latest and most interesting news in the world of data privacy.

Our industry has never been more interesting. A health crisis has rightly led us to change our relationship with data privacy. Common rights that once seemed non-negotiable are suddenly being renegotiated.

Here are the top stories from last week you might have missed:

1. Combating Coronavirus with a “test and trace” approach is picking up steam in the United States. Apple and Google have teamed up to create a decentralized contract tracing tool. This is a helpful overview of how it works.
   
   The system is opt-in. There are divergent opinions about what it will take to get widespread adoption. Regardless of how many people use it, innovative technology tends to beget new security threats. Between gumming up phone storage space and faking positive COVID diagnoses, there are a number of ways attackers could use the technology in unintended ways. This paper from security researchers at Cambridge sums up some possibilities: “The performance art people will tie a phone to a dog and let it run around the park; the Russians will use the app to run service-denial attacks and spread panic; and little Johnny will self-report symptoms to get the whole school sent home.” 
   
   
2. Google-owned reCAPTCHA will start charging for usage. That’s a big boost for alternative products out there: in addition to being free, they don’t have to deal with Google’s intrusive privacy policy. Link
   
   
3. Osano announced a new partnership with Exterro. It’s a partnership about extending Osano’s exposure to Exterro’s existing client base, and Exterro adding our tools to the suite of GRC products that they offer their clients. 
   
   
4. This week in data breaches…Eversana. The life sciences company allowed unauthorized access to 3rd parties through a legacy technology environment for more than 3 months
   
   Related: the DoJ is pushing for nationwide rules on data breach disclosures
   
   
5. Zoom’s woes continued again this week. Google and the NYC public school system are the latest organizations to ban Zoom’s use due to recent revelation about their lax privacy standards. Links: NYC school's ban Zoom. Google's ban
   
   
6. Twitter stripped out the ability for people to opt out of sharing some mobile data with advertisers. Digital marketing platforms will take a revenue hit from the pandemic. Advertising is down while usage is up. One way to make their platforms more advertising-friendly is to send more user data. Link
   
   
7. We expect to hear more and more noise about federal data privacy legislation in the United States, as more states continue to consider privacy-related laws. Websites will need to contend with the patchwork of state regulations until the US follows the EU's lead by harmonizing data privacy laws. Until then, companies that don't take these laws seriously will face the risk of litigation from a number of different places. Link