IT Security & Privacy

The Biden administration has unveiled the long-awaited implementation plan for its National Cybersecurity Strategy, outlining a comprehensive roadmap to strengthen cybersecurity efforts across federal agencies and foster public-private partnerships. The living document, which will undergo continuous updates, sets forth 65 high-impact initiatives that federal agencies must fulfill within specified timelines.

Texas has recently joined a growing number of states by enacting a comprehensive consumer data privacy law known as the Texas Data Privacy and Security Act. The Act, which will come into effect on July 1, 2024, places obligations on businesses operating in Texas and processing personal data of Texas residents. With similarities to laws in other states like Virginia, California, and Colorado, this legislation aims to enhance consumer privacy rights and data protection.

The Norwegian Data Protection Authority (DPA) has announced its intention to impose a temporary ban on Meta, the parent company of Facebook and Instagram, from conducting behavioral advertising using the personal information of users in Norway. The ban, set to take effect on August 4, will last for an initial period of three months unless Meta can demonstrate compliance with the relevant requirements of the General Data Protection Regulation (GDPR). The DPA has warned of potential fines of up to 1 million Norwegian kroner (U.S. $100,000) per day if Meta fails to comply with the decision.

The personal information of millions of users of the Bangladeshi government's eGovernment portal has been exposed due to a data leak. The breach was discovered by Bitcrack Cyber Security researcher Viktor Markopoulos, who stumbled upon the leaked database while conducting a routine search for an SQL error. The leak has raised serious concerns about the government's commitment to data security and privacy.

In a significant blow to Meta, the social media giant has lost an antitrust lawsuit in Europe, which could have far-reaching implications for the regulation of personal data collection by tech companies. The case originated from a 2019 order by the German antitrust authority, requiring Meta to halt the collection of user data in the country without explicit consent. While Meta has faced fines and restrictions from data protection authorities in the past, this particular instance saw a competition authority utilizing antitrust law to directly regulate data privacy concerns.

In a significant development, a court decision has granted a delay in the enforcement actions on specific provisions of the California Consumer Privacy Act (CCPA) until March 2024. The ruling has sparked debates among privacy advocates, legal experts, and businesses across the state.

In the latest wave of privacy concerns surrounding tech giant Google, the company finds itself in hot water once again. The Swedish Data Protection Authority (DPA) has initiated an investigation into potentialGeneral Data Protection Regulation (GDPR) violations relating to GoogleAnalytics, a widely used tool for website analytics. As Google's legal woes escalate, signs suggest that Sweden may follow in the footsteps of other countries by banning the use of Google Analytics.