Privacy newsletter - Sept. 22, 2020

Welcome to the latest edition of the Privacy Insider Newsletter. Each week, we send you the latest and smartest news in the world of data privacy.

Here are the top stories from last week you might have missed:

1. Brazil’s national privacy law - LGPD - went into effect last week. It’s a landmark event for the world’s sixth most populous nation. Enforcement for the law begins in August of next year. The law had been set to come into effect next year, but the Brazilian Congress suddenly reversed course and moved the schedule ahead. Our guide on the LGPD breaks down the details of the law, if you need to comply, and how to do so. Link
2. Wired details the messy process the California Privacy Rights Act (CPRA) has gone through to amend the state’s privacy laws. The CPRA will appear on the November ballot and is expected to pass. Advocates are concerned that the new bill will open up loopholes for advertising technology companies. Link
3. A Chinese database leaked surveillance data on 2.4 million individuals who live outside China. The database is owned by a Chinese technology company called Zhenhua Data. The company provides “services for military, security and foreign propaganda.” The leak includes dates of birth, addresses marital statuses, political associations, and social media handles. Link
4. A total of 27 health systems have been exposed due to a cloud computing company called Blackbaud. Two-thirds of all data breaches happen due to third party vendors. Blackbaud is a perfect example of how a single, targeted incident can affect many organizations at once. Link
5. Apple’s new operating system offers several novel privacy features. Apple has been attracting a lot of attention for rolling out a feature early next year to make advertising tracking more difficult for app developers. In the meantime, iPhone users will have notifications when their mic or camera is accessed, obfuscation of your precise location, a notification when data is copied and pasted, and private MAC addresses for connecting to Wi-Fi. Link
6. US Senate Republicans introduced legislation requiring businesses to be more transparent in consumer data collection and allow courts to grant injunctive relief in cases of privacy violations. The bill includes a nationwide requirement for businesses to allow consumers to access, correct, delete, and port their data. Link