Welcome to the latest edition of the Privacy Insider Newsletter. Each week, we send you the latest and smartest news in the world of data privacy.
It has been a big news week. Here are the top stories from last week you might have missed:
- Osano released a new report showing the direct and predictive relationship between poor privacy practices and data breaches. Companies with inadequate data privacy practices are 80 percent more likely to suffer a data breach than those with the highest-ranked privacy practices and face fines seven times larger than companies with the best scores in the event of a data breach. Download the white paper! Link
- The Court of Justice of the European Union issued a decision that invalidates the E.U.-U.S. Privacy Shield arrangement for transferring personal data across borders under the GDPR. Known as "Schrems II", the decision provides little guidance about what adequate protocols for cross-border data transfers look like, but the E.U. and U.S. Chamber of Commerce have both committed to reaching a mutually acceptable solution. Link
- Twitter faced a high-profile attack last week when hackers obtained access to some of the most followed accounts on the platform. The hackers tweeted out a scam for Bitcoins, using profiles of Jeff Bezos, Barack Obama, Joe Biden, and many others. Twitter account hacks are nothing new, but the simultaneous infiltration of many accounts is especially embarrassing for the social media company. Link
The perpetrators compromised several Twitter employee accounts using social engineering to obtain access. A suspect in the attack has been identified as a 21-year old British national living in Spain. Ironically, he was identified through social engineering by investigators. Link
Twitter has a very poor Osano Privacy Score. This incident provides further support for our research in the section above. Link
- FinTech startup Plaid faces a class-action lawsuit for allegedly accessing years of bank account transactions without customers' consent. Privacy lawsuits happen regularly, but it is rare to see one complaining about violating so many different statutes. The company, which was recently acquired by Visa, helps connect financial data across different services. Link
- Walmart has been hit with a CCPA lawsuit over data breach that happened within the past few years. CCPA-related suits against name brands are now being filed on a weekly basis. Walmart is disputing the suit and doesn’t acknowledge that a breach occurred. Like Twitter, Walmart’s Privacy Score is also below average.
- Facebook’s agreement to settle a privacy violation in Illinois for $550 million has been ruled insufficient by a district judge. The settlement, which was agreed to earlier this year, is the largest privacy-related payout in history. The possible payout for the suit could reach $47 billion. The class-action lawsuit pertains to Facebook's use of facial recognition software. Link