The Office of the Privacy Commissioner of Canada will appeal the Federal Court of Canada's rejection of the OPC's 2019 case alleging Meta's Facebook violated the Personal Information Protection and Electronic Documents Act.
Former Twitter chief information security officer Lea Kissner is joining cloud-security company Lacework, The Wall Street Journal reports. Kissner was among the members of Twitters' privacy and security teams to resign after Elon Musk purchased the company last fall. Lacework is restructuring after laying off 20% of its workforce in May 2022.
France's data protection authority, the Commission nationale de l'informatique et des libertés, said its action plan on cookies "has had a strong impact." The CNIL said it handed out eight sanctions from 2020-22 related to cookies, totaling 421 million euros. The CNIL also said users are more informed about cookies, their uses and regulatory developments and are rejecting cookies at a growing rate.
The prevalence of "environmental DNA" could increasingly "pose dilemmas for the preservation of privacy and civil liberties," The New York Times reports. Environmental DNA, or eDNA, are trace amounts of genetic material humans and other living beings leave behind in nature, and scientists collect it to detect and track invasive species, for instance. However, law enforcement has begun utilizing technological advancements to collect evidence using eDNA samples, which can be fed into "unproven tools" to identify possible suspects.
Personal information belonging to approximately 237,000 current and former U.S. government employees was exposed in a data breach of the U.S. Department of Transportation, Reuters reports.
The U.S. Transportation Security Administration launched a facial recognition pilot program in 16 international airports around the country, the Associated Press reports. The system scans a passenger's identification and then captures a photo of the passenger and compares the two photos. The program is voluntary and not all passengers at the pilot airports have the option to participate.
In this week's Global News Roundup, outgoing European Data Protection Board Chair Andrea Jelinek reflected on her time overseeing enforcement of the EU General Data Protection Regulation. France’s data protection authority levied an expanded penalty against Clearview AI for delayed compliance. The U.S. Federal Trade Commission is considering amending the Health Breach Notification Rule. And the Privacy Commissioner of Canada told members of Parliament that political parties should be subject to relevant privacy laws.
Members of European Parliament will travel to the U.S. 15-18 May for a visit regarding international relations, including those related to the EU-U.S. Privacy Framework. The MEPs, led by Committee on Civil Liberties, Justice and Home Affairs Chair Juan Fernando López Aguilar, will discuss pertinent aspects of the DPF with representatives from the U.S. Department of Justice's Data Protection Review Court and the Office of the Director of National Intelligence.
National Cyber Security Centre Deputy Director of Incident Management Eleanor Fairford and U.K. Information Commissioner's Office Director of Regulatory Cyber Mihaela Jembei discussed the importance of transparency around cyberattacks.