Articles from Around the Web

Discover the latest industry insights and developments with our News from Around the Web page. We curate feeds from a variety of reputable organizations, bringing you a comprehensive overview of relevant news and trends. Stay informed and connected with the most current updates from across the web.

New York’s DFS reaches $4.5M settlement with health insurance provider

New York’s Department of Financial Services reached a $4.5 million settlement with EyeMed Vision Care over Cybersecurity Regulation violations that led to a July 2020 breach. The DFS found EyeMed’s failure to conduct adequate risk assessments, implement multifactor authentication, and limit user access privileges enabled a threat actor to access its email mailbox containing more than six years of consumers’ sensitive and personal health data. Under the settlement, EyeMed will conduct a cybersecurity risk assessment and develop a plan to address identified risks.

Australia introduces bill to significantly increase data breach penalties

Australia Attorney-General Mark Dreyfus introduced to the Parliament of Australia a bill to "significantly increase penalties for repeated or serious privacy breaches." The Privacy Legislation Amendment Bill 2022 proposes increases to the current fine scheme under The Privacy Act 1988, which carries a maximum fine of AU$2.22 million. Under the proposed three-factor scheme, violators face a AU$50 million fine or penalties based on data monetization and 30% of adjusted quarterly turnover.

Roundup: Australia, EU, India and more

In this week’s global legislative roundup, the California Privacy Protection Agency released updated draft regulations for the California Privacy Rights Act. The European Data Protection Board published updates to its guidance for data controllers identifying their lead supervisory authority. Australia introduced legislation to increase fines for data breaches. And, France’s data protection authority fined Clearview AI 20 million euros. (IAPP member exclusive.)Full Story

US political campaigns 'score' constituents to find persuadable voters

Political campaigns can “nano-target” voters with advertising to gauge their opinion on a specific issue and their likeliness to vote, The New York Times reports. For instance, in 2020, analytics firm PredictWise scored Republican voters using their cellphone location data to discern how much they stayed home during COVID-19 lockdown measures, which indicated they were a persuadable vote for Democrats.

ICO fined construction company 4.4M GBP fine over employee privacy violations

The U.K. Information Commissioner's Office fined construction company Interserve Group 4.4 million GBP over alleged employee data protection issues. The ICO found insufficient security measures that left 113,000 Interserve employees exposed to a phishing scheme that affected contact information, national insurance numbers, and bank account information.

Op-ed: Improvements to consider for proposed American Data Privacy and Protection Act

The proposed American Data Privacy and Protection Act is the closest U.S. Congress has been to passing comprehensive privacy legislation. While no small feat, the legislation is at a standstill as federal lawmakers renegotiate provisions and retain consensus views, particularly around preemption and preserving the California Consumer Privacy Act. Besides preemption, other less-talked about provisional roadblocks remain.