Instagram fined €405m over children's data privacy

SEP 6: The long-running complaint concerned children's data - particularly their phone numbers and email addresses. Some reportedly upgraded to business accounts to access analytics tools such as profile visits, without realising this made more of their data public. Instagram's owner, Meta, said it planned to appeal against the decision. It is the third fine handed to the company by the regulator. "We adopted our final decision last Friday and it does contain a fine of €405m [£349m]," Ireland's Data Protection Commissioner (DPC) said. 'Engaged fully' A Meta official told BBC News: "This inquiry focused on old settings that we updated over a year ago and we've since released many new features to help keep teens safe and their information private. "Anyone under 18 automatically has their account set to private when they join Instagram, so only people they know can see what they post and adults can't message teens who don't follow them. "While we've engaged fully with the DPC throughout their inquiry, we disagree with how this fine was calculated and intend to appeal it. "We're continuing to carefully review the rest of the decision." 'Major breach' The DPC regulates large technology companies with European headquarters in the Republic of Ireland. It has never given such a large fine for a breach of the European Union's General Data Protection Regulation. But last year, it fined WhatsApp €225m, while Luxembourg's data authority fined Amazon a record €746m. National Society for the Prevention of Cruelty to Children (NSPCC) child-safety-online policy head Andy Burrows said of Instagram's fine: "This was a major breach that had significant safeguarding implications and the potential to cause real harm to children using Instagram. "The ruling demonstrates how effective enforcement can protect children on social media and underlines how regulation is already making children safer online. "It's now over to the new prime minister to keep the promise to give children the strongest possible protections by delivering the Online Safety Bill in full and without delay."

पूर्ण विवरण

सम्बन्धित सामग्री

Xabit Analytics: Driving success through data

When it comes to data security, for Xabit Analytics, privacy is of paramount importance. The post Xabit Analytics: Driving success through data appeared first on OnlineKhabar English News.

Onlinekhabar English 3 महिना पहिले

Guardians of Secrets: Unveiling the AI Privacy Paradox

The latest wave of AI regulations has a dual focus: ethical usage and safeguarding privacy. These regulations, as exemplified by the European Union's General Data Protection Regulation (GDPR), are designed to establish stringent safeguards for personal data while imposing restrictions on potentially harmful autom

Ratopati English भाद्र २०८०

OpenAI to offer remedies to resolve Italy’s ChatGPT ban

The company behind ChatGPT will propose measures to resolve data privacy concerns that sparked a temporary Italian ban.

Nepalnews फाल्गुन २०७९

OpenAI to offer remedies to resolve Italy’s ChatGPT ban

The company behind ChatGPT will propose measures to resolve data privacy concerns that sparked a temporary Italian ban.

Nepalnews फाल्गुन २०७९

Optus: How a massive data breach has exposed Australia

SEPT 29: Some experts say it may be the worst data breach in Australia's history. But this week has seen more dramatic and messy developments - including ransom threats, tense public exchanges and scrutiny over whether this constituted a "hack" at all. It's also ignited critical questions about how Australia handles data and privacy. The alarm was sounded last Thursday Optus - a subsidiary of Singapore Telecommunications Ltd - went public with the breach about 24 hours after it noticed suspicious activity on its network. Australia's second biggest telecoms provider said current and former customers' data was stolen - including names, birthdates, phone numbers, email addresses, passport numbers and driving licence numbers. It stressed that payment details and account passwords were not compromised. Those whose passport or licence numbers were taken - roughly 2.8 million people - are at a "quite significant" risk of identity theft and fraud, the government has since said. Optus said it was investigating the breach and had notified police, financial institutions, and government regulators. The breach appears to have originated overseas, local media reported. Those whose passport or licence numbers were taken - roughly 2.8 million people - are at a "quite significant" risk of identity theft and fraud, the government has since said. Optus said it was investigating the breach and had notified police, financial institutions, and government regulators. The breach appears to have originated overseas, local media reported. "Obviously, I am angry that there are people out there that want to do this to our customers, and I'm disappointed that we couldn't have prevented it," she said on Friday. Then a ransom threat was made Early on Saturday, an internet user published data samples on an online forum and demanded a ransom of $1m (A$1.5m; £938,000) in cryptocurrency from Optus. The company had a week to pay or the other stolen data would be sold off in batches, the person said. Investigators are yet to verify the user's claims, but some experts quickly said the sample data - which contained about 100 records - appeared legitimate. Sydney-based tech reporter Jeremy Kirk contacted the purported hacker and said the person gave him a detailed explanation of how they stole the data. The user contradicted Optus's claims the breach was "sophisticated", saying they puled the data from a freely accessible software interface. "No authenticate needed… All open to internet for any one to use," they said in a message, according to Kirk. As data circulates, revelations of more stolen details In another escalation on Tuesday, the person claiming to be the hacker released 10,000 customer records and reiterated the ransom deadline. But just hours later, the user apologised - saying it had been a "mistake" - and deleted the previously posted data sets. "Too many eyes. We will not sale [sic] data to anyone," they posted. "Deepest apology to Optus for this. Hope all goes well from this." That sparked speculation about whether Optus had paid the ransom - which the company denies. Adding to the problem, others on the forum had copied the now-deleted data sets, and continued to distribute them. It also emerged some customers' Medicare details - government identification numbers that could provide access to medical records - had also been stolen, something Optus did not previously disclose. Late on Wednesday, the company said this had affected almost 37,000 Medicare cards. 'Possibly Australia's most serious breach' Optus has been inundated with messages from angry customers since last week. People have been warned to watch out for signs of identity theft and for opportunistic scammers, who are said to be already cashing in on the confusion. A class-action lawsuit could soon be filed against the company. "This is potentially the most serious privacy breach in Australian history, both in terms of the number of affected people and the nature of the information disclosed," said Ben Zocco from Slater and Gordon Lawyers. The government has called the breach "unprecedented" and blamed Optus, saying it "effectively left the window open" for sensitive data to be stolen. In an ABC television interview on Monday, Cyber Security Minister Clare O'Neil was asked: "You certainly don't seem to be buying the line from Optus that this was a sophisticated attack?" "Well, it wasn't. So no," Ms O'Neil replied. The moment drew lots of attention online. Ms Bayer Rosmarin told News Corp Australia on Tuesday: "We have multiple layers of protection. So it is not the case of having some sort of completely exposed APIs [software interfaces] sitting out there. "I think most customers understand that we are not the villains," she said, adding Optus could not say more while the investigation was ongoing. The company has faced calls to cover the costs of replacement passport and driving licences, as people scramble to protect themselves. 'A decade behind on cyber-security' The breach highlights how much Australia lags other parts of the world on privacy and cyber issues, Ms O'Neil says. "We are probably a decade behind… where we ought to be," she told the ABC. Both sides of politics have traded blame on the issue. Opposition MPs have said the Labor government is "asleep at the wheel", but the government points out it was only elected in May after a decade of conservative rule. Ms O'Neil pointed to two areas needing urgent reform. She argues the government should be able to better penalise companies like Optus. In some countries, the company would have faced hundreds of millions of dollars in penaltiesbut Australia's fine is capped at about $2m, she said. She also wants to expand cyber-security laws that were introduced last year to include telecommunications companies. "At the time, the telecommunications sector said: "Don't worry about us - we're really good at cybersecurity. We'll do it without being regulated. I would say that this incident really calls that assertion into question." Security experts have also suggested reforming data retention laws so telecommunication companies don't have to keep sensitive information for so long. Ex-customers should also the right to request companies delete their data, experts say. Optus says it is required to keep identity data for six years under the current rules. Other industry figures have argued consumers should be able to take companies that lose control of their information to court, instead of the industry regulator.

Ratopati English भाद्र २०७९

TikTok may face big fine over children’s data protection

TikTok could face a 27 million-pound ($29 million) fine in the U.K. over a possible breach of U.K. data protection law by failing to protect children’s privacy when they are using the video-sharing platform.

Nepalnews भाद्र २०७९

FACEBOOK: Leaked document shows that Facebook lacks information on collected user data

ICT Samachar चैत्र २०७८

Norway fines dating app Grindr $7.16M over privacy breach

Norway’s data privacy watchdog on Wednesday fined gay dating app Grindr 65 million kroner ($7.16 million) for sending sensitive personal data to hundreds of potential advertising partners without users’ consent — a breach of strict European Union privacy rules.

Republica कार्तिक २०७८

U.S. lawmakers call for privacy legislation after Reuters report on Amazon lobbying

ICT Samachar कार्तिक २०७८

Invasion of privacy in Nepal: How much fear? How much real?

Most of you in Nepal are unaware of the data trail you leave behind. This includes GPS data, phone records, credit card transactions, and a variety of other vital information. These data trails will be gathered by service providers such as browsing websites, instant messaging services, and video sites. These personal data are collected, kept, transferred, or sold to other parties without the user's permission.

Onlinekhabar English बैशाख २०७८