Text messages may not be secure enough for two-factor authentication, The Wall Street Journal reports. Texts, or SMS messages, were previously a “maintenance communication channel between cell towers and phones” but were widely adopted by consumers who learned they could send texts to other cell customers. Today, hackers can utilize SMS messages to launch phishing attacks and SIM card swapping, where hackers clone a cellphone and can read texts sent to a cellphone.
The Philippines’ National Privacy Commission issued guidance on how the agency issues the Circular on Administrative Fines for data privacy violations. The fines are intended to be “proportionate and dissuasive of data privacy infractions.” Privacy Commissioner John Henry Naga said, “The National Privacy Commission is intensifying its efforts in order for personal information controllers and processors to adopt optimal levels of data protection and security.
The IAPP is accepting submissions for the next iteration of the "Privacy Tech Vendor Report" expected to be released in October. Vendors seeking inclusion in the report and organizations that wish to update their current entries have until Aug. 29 to fill out the form found in the Full Story link below.
California Privacy Protection Agency Executive Director Ashkan Soltani wrote a letter to U.S. House Speaker Nancy Pelosi, D-Calif., and House Minority Leader Kevin McCarthy, R-Calif., doubling down on its opposition to the proposed American Data Privacy and Protection Act.
A lack of implementation regulations and general clarity around China’s Personal Information Protection Law is creating potential compliance burdens. This is especially true with understanding conditions for cross-border data transfers under Article 38 of the PIPL.
The Chamber of Deputies of Brazil announced consideration of an amendment to the General Data Protection Law that would limit most processing activities involving national security data.
The Baden-Württemberg Commissioner for Data Protection and Freedom of Information released a dissenting opinion over a recent decision on data transfers by the Baden-Württemberg Public Procurement Chamber. The LfDI questioned the court's decision regarding insufficient supplementary measures to execute transfers through U.S.-based cloud service providers' EU subsidiaries.
In this week’s global legislative roundup, the U.S. Federal Trade Commission announced it will explore privacy and data security rulemaking. Updates to Russia’s personal data law will be formally implemented next month. The Irish Data Protection Commission’s children's privacy decision against Instagram could come by the end of August. And, the California state legislature advanced the California Age-Appropriate Design Code Act to a Senate floor vote. (IAPP member exclusive.)Full Story
Forbes reports on a study finding digital health companies are sharing their users’ personal data with Facebook to better refine targeted advertising. The study followed users active in an online cancer support community using applications from five companies. Researchers found third-party ad trackers utilized by the companies followed the users online and were used to directly market to them.