The Cyber Express reports Nigeria's Data Protection Commission announced a NGN555.8 million fine against Fidelity Bank over alleged violations of the Data Protection Act concerning data processing activities. The NDPC claimed the bank illegally processed data obtained through the use of third-party cookies and its mobile banking app.Full story
New Zealand's Office of the Privacy Commissioner issued a preliminary opinion that a company violated a minor's right to privacy by using their image in a social media campaign. The minor was originally captured in a video uploaded to social media without their family's consent before it went viral and was still circulated on the internet.
Thailand's Office of the Personal Data Protection Committee issued a THB7 million fine to a private company that trades goods online after it collected the personal data of 100,000 citizens and leaked it to a call center gang to be exploited for identity theft purposes.
The U.S. Federal Communications Commission announced a USD1 million fine against Lingo Telecom for its unlawful use of generative artificial intelligence in a robocall campaign aimed at misinformation. Lingo used generative AI to voice clone U.S. President Joe Biden and dissuade New Hampshire voters from participating in the 2024 Democratic primary election.Full story
The U.S. National Institute of Standards and Technology published its second public draft on digital identity guidelines. The draft incorporates responses from stakeholders received on the draft guidance in 2023. The NIST invites the public to make comments on the new draft until 7 Oct.Full story
A panel of judges from the U.S. Court of Appeals for the Ninth Circuit reversed a decision to dismiss a class-action lawsuit filed against Google Chrome over the company's alleged data collection practices, The Verge reports. The lawsuit claimed Chrome collected users' "browsing history, IP addresses, persistent cookie identifiers, and unique browser identifiers without their explicit permission."Full story
The Center for Democracy and Technology wrote about a U.S. Senate provision that would limit the entities required to help with surveillance efforts under Section 702 of the Foreign Intelligence Surveillance Act but those entities would be left anonymous. It argues Congress needs to push back in part because there is no warrant or independent arbiter for Section 702 directives.Full story
To help U.K.-based small- and medium-sized enterprises meet data subject notification requirements, the Information Commissioner's Office released a Privacy Notice Generator tool as part of its ICO25 Strategic Plan. The tool allows SMEs in all sectors to develop tailored privacy notices for both internal and external communications. IAPP Staff Writer Alex LaCasse spoke with the ICO about the launch.Full story
Privacy advocacy group NOYB and the European Center for Digital Rights filed two complaints against the European Parliament with the European Data Protection Supervisor after an April data breach of its recruitment system exposed the sensitive personal information of staffers, Euractiv reports. The complaints were filed on behalf of four European Parliament staffers.
The U.S. National Institute of Standards and Technology's National Cybersecurity Center of Excellence will release a series of white papers titled "Applying 5G Cybersecurity and Privacy Capabilities." The series will examine the cybersecurity and privacy program management of mobile network operators, 5G network operators and organizations using 5G-enabled technology.Full story