Move over GDPR and CCPA: Time for NYPA to step in the spotlight

Move over GDPR and CCPA: Time for NYPA to step in the spotlight

Facebook privacy issues

Privacy regulations become more prominent as New York state considers their own version of CCPA. GDPR may help consumers and marketers more than you think. Facebook launching new app for data usage.

Move over CCPA? 

CCPA just became old news. Why? New York is considering a privacy act of their own: the New York Privacy Act, or the NYPA. Consumers protected in this act would receive a set of data privacy rights, and businesses affected by this act would receive a set of rules and duties to abide by.

Who does it affect? Similar to the CCPA, the NYPA applies to “legal entities that conduct business in New York” or that “intentionally target” residents of New York with their products or services.

Additionally, it will be an opt-in process where the user must provide express and consent.

Nonetheless, we look forward to seeing the status of this act progress from consideration to active leg

Why marketers and consumers should thank GDPR

Welcome to the new data privacy digital marketing reality.

It turns out, satisfying GDPR regulations not only helps the business stay compliant, but it also helps the business stay on the good side of the consumer.

Ad impressions have increased and costs have decreased. A marketer’s dream come true. One year after GDPR came into play, the results are informative and insightful. This new data privacy consciousness can be a win-win situation. Marketers can gain the insights and performance they need to achieve their objectives, while users can rely on privacy and greater control over their data. For example, Facebook users now have a new ‘clear history’ tool which anonymizes their off-Facebook web activity, and disables the Facebook tracking pixel. A happy consumer, is a happy government, is a happy business.

Facebook to launch new app for data collection

Facebook says the new app, called ‘Study’, will collect information about which apps people are using and for how long. Considering Facebook was under scrutiny for its previous two similar apps infringing on privacy, they have stated that this app is different.

Using the app, they plan to collect and analyze information including: which apps are installed on the user’s phone, user’s country, device and network type, as well as the time spent on each app.

“We have a responsibility to keep people’s information safe and secure. With this app, we’re collecting the minimum amount of information needed to help us build better products”, says Facebook product manager, Sagee Ben-Zedeff. “People often have a lot of apps on their phone, so we’ll periodically remind participants that they are a part of the program. They’ll also have the opportunity to review the information they’re sharing with us”.

Join our newsletter



Weekly News #8

Weekly News #8

Facebook privacy issues

Ontario looking into stronger privacy control to further protect citizens. Facebook under scrutiny once again over data privacy issues. Taking a look at GDPR one year later. 

Ontario takes action to protect privacy and personal data

79% of surveyed Ontarians believe data about people and businesses in Ontario need stronger protection. “Our government recognizes that the tremendous economic potential of emerging data technologies needs to be balanced with thoughtful and robust protections for the privacy and personal data of all Ontarians,” said Bill Walker, Minister of Government and Consumer Services. “We believe that Ontarians deserve to know and actively consent to the collection of data, how that data is used, and by whom”.

Three areas of focus include:

  • Promoting public trust and confidence
  • Creating economic benefit
  • Enabling a better, smarter, efficient government

Walker states that the Ontarian government is making sure the prime focus is the protection of personal privacy. He hopes our municipal and federal cohorts will do the same.

Judge orders Facebook to turn over records on data privacy

Facebook has been asked to turn over internal records regarding data privacy and access to user data by a judge in Delaware. This was the result of a lawsuit accusing Facebook’s mismanagement of data breaches. Furthermore, Facebook’s counter argument claiming that the investors had not stated a proper purpose for searching the company’s records, was rejected.

One year on, GDPR helps EU combat data privacy concerns, raises bar worldwide

The world as we know it changed when the GDPR came into action. Companies that were using data seamlessly were forced to invest in data centres and to regulate their data collection processes.

GDPR has introduced many new guidelines into the European consumer-business scene, such as the right to be forgotten, which simply means the company has to completely remove the user from their system altogether.

Every country or region is now trying to implement their own versions suitable for their own citizens. India was the first to come out with a similar law, followed by Brazil, Vietnam, China, Japan, Thailand and South Korea.

This cascading effect from GDPR shows light to a promising future of consumer privacy and regulation against the misuse of data. We look forward to seeing what these laws will do for us!

Join our newsletter



Weekly News #4

Weekly News #4

Facebook privacy issues

Nearly half of U.S.-based employees unfamiliar with emerging California Consumer Privacy Act (CCPA), which could affect businesses and innovators. Zuckerberg explains how Facebook gets ‘privacy-focused’, including how they will work with the online education site, Udacity. Similarly, Microsoft 365 to offer tighter security and privacy controls.

The CCPA basically oversees the collection and usage of data. Unfortunately, 46% of US workers do not know what CCPA is. Additionally, since experts expect the law to apply to more than 500,000 U.S. companies, more work is needed to train U.S. employees of this regulation.

Recently, a survey testing privacy knowledge was conducted on 1000 employees. Reports suggest that 12 percent of employees said they were unsure if they should report a cybercriminal stealing sensitive client data while at work. This issue demonstrates that there is a strong need for privacy awareness training in protecting sensitive information. That being said, a national data privacy standard must be addressed by Congress this year. However, there are risks involved, for example, if data rules are not done properly, it could harm startup culture and have a negative effect on innovators.

In other news, Zuckerberg’s plans to become more privacy-focused include end-to-end encryption for Messenger conversations and secure WhatsApp statuses that only friends can see. They are spending $3 billion to cover possible fines from the Federal Trade Commission over privacy violations in the past. In the future, they plan to emphasize private messaging and attain a bigger role in communities. Additionally, they will remove groups that have harmful content, supporting their motto, “The future is private”.

Facebook wants AI researchers to figure out privacy. They are currently working with Udacity, which is an online learning site, to try to enable AI research that doesn’t affect or harm privacy. As an incentive, they are offering scholarships to 5,000 people to encourage them to take a new Udacity course called Secure and Private AI. The idea is for people to learn how to apply techniques that AI powers are using.

Microsoft is also gearing towards better security, by strengthening security options available to Microsoft 365 customers. With access to new data controls, businesses will be able to better manage encrypted emails, prevent sharing of sensitive information, and investigate possible data errors. Using these controls, people can hone in on specific security issues, such as data leakage or phishing attacks. On top of that, Microsoft 365 is also adding a feature called Secure Private Channels, to help protect sensitive information from being unintentionally shared or leaked.

With large companies working to protect their consumers’ personal data, and CCPA working to enforce consumer rights, privacy has never been more prominent.

Join our newsletter



Weekly News #2

Weekly News #2

Facebook privacy issues

New information on Facebook’s user data misuse causes a $30 billion market-value loss. US senators propose the Data Care Act to regulate privacy across the 50 states. Reporting data breaches is now mandatory in Canada. The Department of Health and Human Services wants to modify HIPAA.

Facebook lost $30 billion in market value after the New York Times published on December 18 documents detailing different agreements that Facebook had with companies like Microsoft, Netflix, Spotify, Amazon, and Yahoo to access Facebook users’ data. For example, Netflix and Spotify could read users’ private messages. However, that was not everything. On December 14, Facebook notified its users of a bug in the Photo API that gave developers access to non-shared photos of 5.6 million users.

Pushed by the recent data breaches, 15 senators in the US proposed the Data Care Act on Wednesday to regulate privacy across the 50 states. The Data Care Act main guidelines are:

  • Duty of Care – Must reasonably secure individual-identifying data and promptly inform users of data breaches that involve sensitive information;
  • Duty of Loyalty – May not use individual-identifying data in ways that harm users;
  • Duty of Confidentiality – Must ensure that the duties of care and loyalty extend to third parties when disclosing, selling, or sharing individual-identifying data;
  • Federal and State Enforcement – A violation of the duties will be treated as a violation of an FTC rule with fine authority. States may also bring civil enforcement actions, but the FTC can intervene;
  • Rulemaking Authority – FTC is granted rulemaking authority to implement the Act.

On November 1st, it became mandatory to notify data breaches in Canada. This is an important step for Canadian privacy regulation and is something that will require a shift in the operation of Canadian businesses because according to Statistics Canada only 10% of the businesses affected by a cyber attack reports it.

The Department of Health and Human Services (HHS) issued a Request For Information (RFI) for input on how to modify HIPAA on the following issues:

  • Encouraging information-sharing for treatment and care coordination;
  • Facilitating parental involvement in care;
  • Addressing the opioid crisis and serious mental illness;
  • Accounting for disclosures of protected health information for treatment, payment, and health care operations;
  • Changing the current requirement for certain providers to make a good faith effort to obtain an acknowledgment of receipt of the Notice of Privacy Practices;

After having a 2018 plagued with data breaches and important privacy regulation (GDPR), we can expect that 2019 will be a year in which protecting privacy becomes a must for public and private organizations. SC magazine has eight privacy predictions for 2019, most of them revolve around regulations and their impact on the behavior of organizations and consumers.

Join our newsletter