A Paris-based startup may have developed the bridge between personal privacy and data protection, TechCrunch reports. Ravel Technologies built a tool that utilizes homomorphic encryption, which allows a company’s data to remain encrypted while the company works with third parties to process the data for their own purposes.
The New York Times reports a U.S. parent's Google account was suspended after they photographed infections in the private areas of their child for their health care provider to assess. Google's artificial intelligence system for detecting child sexual abuse imagery is used to track down and prevent sharing as such images, but accidental cases as this may be more common, Electronic Frontier Foundation technologist Jon Callas said.
Israel spyware maker NSO Group announced a restructuring that saw CEO Shalev Hulio resign and the layoffs of approximately 100 employees, CyberScoop reports. The company will reportedly pivot to marketing its materials to NATO countries.
The Office of the Data Protection Authority of Guernsey published a guide for applying the seven principles of the Data Protection Law 2017 to employee privacy. The guide reminded businesses that human resources data is subject to the Data Protection Law, as well as special category data, such as an employee’s ethnic origin and sexual orientation that require an enhanced level of security.Full Story
Politico reports Norway's data protection authority, Datatilsynet, is among the authorities objecting to the Irish Data Protection Commission's draft decision over Meta's EU-U.S. data transfers. Datatilsynet wants a fine attached to the DPC's decision, explaining there's "little or no incentive" for Meta or other companies to comply with EU data transfer rules without a financial consequence.
Former Twitter Head of Security Peiter Zatko filed whistleblower complaints to U.S. Congress alleging Twitter operates under lax and insufficient cybersecurity practices, CNN reports. The disclosures by Zatko claim the platform has issues with broad user data access without oversight and its data deletion practices are inconsistent.
The California Senate amended Assembly Bill 2273, the California Age-Appropriate Design Code, on third reading. The latest changes include increasing the data protection impact assessment submission timeline from two to three days and extending the period to cure violations from 45 to 90 days. The amendments move the bill back to the Senate's second reading calendar and it now requires Assembly concurrence for final passage. The California legislative session adjourns Aug.
The Wall Street Journal conducted a roundtable discussion with privacy professionals on the current landscape for employee surveillance and monitoring. Topics covered include how widespread monitoring has become, legal limits and ethical versus non-ethical deployments.
Indonesia's communications ministry opened a data breach investigation into state-owned telecommunications companies and a state-owned utility, Reuters reports. The entities under investigation are Telkom, internet service IndiHome and state utility Perusahaan Listrik Negara. A Telkom spokesperson denied there had been a breach, according to Reuters.