Privacy newsletter - Sept. 15, 2020

Welcome to the latest edition of the Privacy Insider Newsletter. Each week, we send you the latest and smartest news in the world of data privacy.

Here are the top stories from last week you might have missed:

1. Children from lower-education households are at greater risk of privacy violations. Digital information is transferred to third parties at rates two to three times higher for children raised by parents without college degrees. The difference is attributed to “the degree of digital savviness or privacy awareness that parents have, which tends to correlate with education level. Link
2. Bytedance and Oracle have agreed to be partners running the US operations of TikTok. The deal is not a divestiture, and the main components of the algorithm will still be under the effective control of China. The arrangement suggests that this deal wouldn’t abate the privacy concerns associated with the app. Link
3. Portland’s city council voted unanimously to ban facial recognition technology from being used in the city. It is the most far-reaching bans that have been put into effect. Besides barring public agencies from using the technology, private enterprises are also not permitted to use the technology in public spaces. Link
4. Ireland’s Data Protection Commission asked Facebook to suspend data transfers to the US about its EU users. Facebook has said they would rely on so-called standard contractual clauses after Privacy Shield was invalidated earlier this summer. This action by Ireland suggests that these clauses aren’t sufficient in Facebook’s case. The commission can fine Facebook up to 4% of its annual revenue, or $2.8 billion, if it fails to comply. The company promptly appealed the decision. Link
5. There is a growing push to quantify data security and privacy risk. Taking the time to place a dollar amount on the impact of data risk helps companies understand the value they get from investing in data security and privacy. Company’s data security and privacy investment comprise 5% to 12% of the total IT budget. Link
6. Avoid free Virtual Private Network (VPN) services on the Play Store and App Store, which are rife with privacy abuses. Data harvesting is the most common form of abuse from these apps. Facebook, Sensor Tower, and App Annie are some prominent names that have been exposed for using free VPN apps to collect data on people, yet many of the worst abusers are not name brands. Link
7. YouTube is accused of knowingly violating children’s privacy laws in the United Kingdom. YouTube doesn’t get explicit consent from parents to process their children’s data, as the law requires them to do. 75% of UK kids ages five to 15 watch YouTube and compensation is being sought on a per-child basis. Total fines could be up to $3.2 billion. Link