This week we begin with an article that discusses Meta being sued by anonymous plaintiffs who utilized the US-based tax preparation service H&R Block for violating their trust and privacy. Next, we have a regulation where European legislators hope to limit targeted political advertising on social media by prohibiting the use of some personal data to alter the content. Following that, we have a piece addressing the exemption of early-stage start-ups from complying with norms under the proposed Digital Personal Data Protection bill. After that, we have a confirmation by the court of appeal that class actions brought against compromised data aggregators do not fall under Ontario’s newly created legal tort of “intrusion upon seclusion”. Next is an analysis specifying that data breach is not about poor cybersecurity practices but about why all organizations need personal data. Finally, we have a story explaining the ecosystem of the darknet market supply chain, the stolen data & generated revenue.
Meta Sued By Anonymous Plaintiffs Over Harvested Financial Data
Anonymous plaintiffs who used H&R Block, a US-based tax filing service, are suing Meta. They claim that Facebook violated their trust and privacy, and harvested sensitive financial information from them, when they filed their taxes in 2020. In November, an investigation by the publication Markup revealed that US tax filing services like H&R Block, TaxAct and TaxSlayer have been secretly sending sensitive financial information to Meta.
EU Seeks To Curb Use Of Personal Data For Online Political Advertising
European lawmakers are aiming to restrict targeted political advertising on social media by banning the use of some personal data to tailor content. Members of the European Parliament’s Committee on Civil Liberties Justice and Home Affairs (LIBE) on Thursday backed a text that would bar using sensitive data including a person’s racial or ethnic origin, political opinions, religious beliefs, health conditions or sexual orientation for political advertising.
Personal Data Protection Bill To Spare Start-ups
The government is mulling exempting early stage start-ups from complying with norms under proposed Digital Personal Data Protection bill, an official source said. The exemption may be for a limited period to assist startups in developing their business models and to ensure that innovation is not stifled due to compliance burden.
New Legal Action For Privacy Breach Doesn’t Apply To Hacked Data Aggregators
Ontario’s new legal tort of ‘intrusion upon seclusion’ does not apply in class actions against data aggregators that have been hacked, the Court of Appeal has confirmed. Nine years ago, the courts came up with the new tort of intrusion upon seclusion to cover a situation in which one bank employee hacked the personal information of her colleague at the bank. The victim of the hack was an ex of the hacker’s partner at the time.
The Best Way To Protect Personal Data? Not To Collect It.
I was Down Under recently, meeting a few interesting people in the digital finance space. A discussion topic that came up more than once was the massive data breach at Optus, the telecommunications provider. Around 10m Australians had had their personal data looted and 3m of them had their passport and driving licence data accessed.
Darknet Markets Generate Millions In Revenue Selling Stolen Personal Data, Supply Chain Study Finds
It is common to hear news reports about large data breaches, but what happens once your personal data is stolen? Our research shows that, like most legal commodities, stolen data products flow through a supply chain consisting of producers, wholesalers and consumers. But this supply chain involves the interconnection of multiple criminal organizations operating in illicit underground marketplaces.