Data Privacy, Data Practices, and Other Interesting Privacy and Cybersecurity News for July 2022
DeleteMe
Reading time: 4 minutes
In the July 2022 edition of our business privacy newsletter, you’ll find our take on:
- American Data Privacy and Protection Act
- Scrutiny for Mobile Carriers and VPN Providers
- Data Privacy as a Civil Rights Issue
- Privacy, Security & Remote Work
American Data Privacy and Protection Act Moves to House Floor
On July 20th, The House Committee on Energy and Commerce moved the comprehensive data privacy bill forward with a 53-2 bipartisan vote. While there remain disagreements on details, many privacy advocates have expressed support, with some considering it stronger than any other currently existing legislation, others expressing concern it may weaken existing oversight by other agencies like FCC.
Our Take
We support the bill, even if some provisions may eventually require watering down in the process of gaining support for passage. Under the current patchwork of state data privacy laws, there is limited oversight of compliance or power of enforcement. A Federal framework would create clear standards for every business, materially improving online privacy for all Americans, while also making business regulatory compliance less complex.
Mobile Carriers and VPN Providers Under Scrutiny For Data Practices
This past Thursday, FCC sent a letter to mobile carriers demanding a response to queries about the collection and monetization of user geolocation data. A week earlier, members of Congress demanded FTC look into misleading privacy claims being made by VPN providers, citing a 2021 paper by Consumer Reports highlighting a lack of basic transparency across the majority of the industry.
Our Take
While 3rd party data brokers are often cited as the most significant ‘bad actors’ in the online data privacy problem, entities who serve as gatekeepers to the internet – carriers/ISPs and VPNs – play a significant role as a primary source of data collection. Consumers often face a choice of either ‘no internet’ or accepting vague vendor data collection terms. Greater overall transparency in internet-access provider data handling practices is long overdue.
Data Privacy Increasingly Seen as a Civil Rights Issue
In the wake of the overturn of Roe v. Wade by the Supreme Court, the issue of online data privacy has morphed into a popular civil rights concern beyond its normal focus as a source of business cybersecurity risk or consumer identity theft concerns.
In July, the Brookings Institution examined a range of topics where online data abuse results in real-world harm for marginalized groups. Also this past week, the ACLU published a report revealing how law enforcement agencies have long been buying vast amounts of data from commercial 3rd party data brokers.
Our Take
Over the last decade, we’ve watched online privacy move from being a ‘nice-to-have’ topic of interest to cybersecurity professionals and identity-theft risk-conscious consumers to an issue that touches almost every aspect of modern life. This trend is not slowing down, and we think businesses have an opportunity to distinguish themselves and benefit by making data privacy a key aspect of their brand, and a valued selling point to customers.
Join GroupSense CEO Kurtis Minder, and DeleteMe CEO Rob Shavell on Tuesday, August 9 at 1pm ET for a joint webinar, ”How to Protect Your Data: Operational Security in Remote Work.” During the webinar, Kurtis and Rob will discuss the operational security challenges of remote workforces and what happens after private information is available on the internet. Attendees will gain insight into:
- How easy it can be for organizational information to end up in the wrong hands
- What organizations can do to strengthen operational security
- What individuals can do if their personal information is on the internet
If you have any suggestions for next month’s edition, please let us know.
- Employees, Executives, and Board Members complete a quick signup
- DeleteMe scans for exposed personal information
Opt-out and removal requests begin - Initial privacy report shared and ongoing reporting initiated
- DeleteMe provides continuous privacy protection and service all year
DeleteMe is built for organizations that want to decrease their risk from vulnerabilities ranging from executive threats to cybersecurity risks.