Data Privacy + Security Insider

Latest from Data Privacy + Security Insider - Page 2

On May 1, 2024, the Federal Trade Commission (FTC) announced a settlement with InMarket Media (InMarket), a digital marketing and data aggregator, to resolve the FTC’s allegations that InMarket “unlawfully collected and used consumers’ location data for advertising and marketing.”

The complaint filed by the FTC against InMarket alleged that InMarket collects and aggregates location

The privacy advocacy group noyb, founded by privacy activist Max Schrems, has raised concerns over how ChatGPT handles questions about real-life individuals. The group alleges that ChatGPT has been generating inaccurate personal data, such as incorrect birth dates, which they claim is a violation of the European Union’s General Data Protection Regulation (GDPR). GDPR mandates

Last month, Nebraska passed the Nebraska Data Privacy Act (NDPA), making it the latest state to enact comprehensive privacy legislation. Nebraska joins California, Virginia, Colorado, Connecticut, Utah, Iowa, Indiana, Tennessee, Montana, Oregon, Texas, Florida, Delaware, New Jersey, New Hampshire, Kentucky, and Maryland. The law will take effect on January 1, 2025.

The NDPA applies to

The Federal Communications Commission (FCC) has announced that it has levied almost $200 million in fines against “the nation’s largest wireless carriers for illegally sharing access to customers’ location information without consent and without taking reasonable measures to protect that information against unauthorized disclosure.”

The FCC’s allegations include that the carriers sold access to customers’

In response to the growing threat by pro-Russia hacktivists, on May 1, 2023, CISA and other national agency partners issued an Alert to operators of industrial control systems and small-scale operational technology systems in North America and Europe on mitigation techniques for cyber operations to prevent a compromise of industrial control systems, including “Water and

Future LLC, a magazine and website publisher and owner of the TechRadar.com website, faces allegations that it collected website visitors’ IP addresses without consent in violation of the California Invasion of Privacy Act (CIPA). The class action complaint alleges that the TechRadar website launched three trackers -the TripleLift Tracker, GumGum Tracker, and Audiencerate Tracker –

The Cybersecurity and Infrastructure Agency (CISA) has published an Alert confirming that Cisco has released security updates to its firewall platforms. The releases apply to Cisco’s ArcaneDoor zero-day vulnerabilities applicable to Cisco’s Adaptive Security Appliances devices and its Firepower Threat Defense software.

The exploitation of CVE 2024-20353 and CVE-2024-20359 has been confirmed, and the identified

Car manufacturer General Motors (GM) is the subject of litigation in Georgia by two New Jersey Chevy Bolt drivers who allege that GM collected data about their driving habits and behavior and disclosed it to third parties, including insurance companies, causing them to pay higher insurance rates and experience difficulty in obtaining reasonable premiums.

They