Security news aggregator

Latest coverage for Privacy

Privacy concerns how laws and norms govern personal data, shaping cybersecurity duties for collection, storage, access, and disclosure.

12 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Privacy is the ability of people to control how information about them is collected, used, retained, and disclosed. In technical and legal contexts, it covers identifiable data and data that can support inferences about a person, not only information made public. Privacy rules and organizational policies commonly address purpose, transparency, access, correction, retention, and sharing.

For security practitioners, privacy depends on reducing unnecessary data and restricting legitimate access: data minimization, encryption, least-privilege controls, segregation of identifiers, retention limits, and audit logs all reduce exposure. Compromised credentials, misconfigured storage, excessive telemetry, or third-party access can reveal sensitive information; pseudonymized datasets may also be re-identified when combined with other data. During an incident, teams must establish what personal data was accessed or disclosed, contain further exposure, preserve evidence, and meet applicable notification and handling requirements.

Showing 12 most recent headlines Filtered view
Bank Info Security 2 years, 5 months ago

French CNIL Imposes Fine of 10 Million Euros on Yahoo

Company Fined for Dropping Advertising Cookies Without ConsentThe French data regulator imposed a fine of 10 million euros on Yahoo after determining that the company's advertising cookie policy had violated the country's privacy regulations. Yahoo deposited more than 20 tracking cookies without giving consumers a chance to withdraw consent.

Bank Info Security 2 years, 5 months ago

Groups Urge FTC to Scrutinize Google Location Data Practices

Complaint Alleges Tech Giant Is Breaking Privacy Promises, Putting Patients at RiskTwo tech advocacy groups are pushing the Federal Trade Commission to investigate Google, alleging the company has reneged on a promise it made after the Supreme Court's 2022 overturn of Roe v. Wade to promptly delete location data about users' visits to sensitive places, such as abortion clinics.

Bank Info Security 2 years, 5 months ago

Privacy Fines: Tech Hub Ireland Leads EU in GDPR Sanctions

4.7 Billion Euros in Total Known Fines Since Data Protection Law Took EffectIreland - home to the European headquarters of a throng of multinational tech companies - is responsible for the greatest amount of aggregate data protection fines - 2.9 billion euros - since the European Union General Data Protection Regulation went into effect.

Case Against Meta Likely Moving Forward After Court Heard Dismissal ArgumentsA federal judge said he is inclined to let proceed a putative class action lawsuit against Meta over its gathering of data from medical center patient portals through a web activity tracking tool. U.S. District for the District of Northern California Judge William Orrick on heard arguments.

Bank Info Security 2 years, 6 months ago

UK Privacy Watchdog Probes GenAI Privacy Concerns

ICO Call for Evidence to Focus on Legal Basis for Scrapped Training DataThe British data regulator is set to analyze the privacy implications of processing scrapped data used for training generative artificial intelligence algorithms. The Information Commissioners' Office is soliciting comments from AI developers, legal experts, and other industry stakeholders.

Bank Info Security 2 years, 6 months ago

NC Health System Agrees to Pay $6.6M in Web Tracking Case

Novant Health Is Among Latest Organizations Opting to Settle Patient Privacy ClaimsA North Carolina healthcare system has agreed to pay $6.6 million to settle a consolidated class action lawsuit involving its use of tracking tools in its websites and patient portals. The suit alleges the website trackers sent sensitive patient information to third parties without their consent.

Explore how an advanced exposure management solution saved a major retail industry client from ending up on the naughty step due to a misconfiguration in its cookie management policy. This wasn’t anything malicious, but with modern web environments being so complex, mistakes can happen, and non-compliance fines can be just an oversight away.Download the full case study here