eBay class action lawsuit dismissed

A class action lawsuit filed against eBay following a 2014 data breach has been dismissed by a US court this week. The breach uncovered personal data of over 145 million users and claimants sought damages alleging "actual identity theft". The judge accepted eBay’s arguments that there was no evidence that financial information had been released and concluded there was no actual loss.

UK insurance industry issues data protection guidelines for fraud prevention

The UK’s Insurance Fraud Bureau has issued Best Practice Guidance to aid insurers when making disclosures under the Data Protection Act. It sets out best practice where insurers share information with the aim of preventing or detecting fraud and aims to enhance the quality of information shared whilst operating within the parameters of the law.

Unencrypted Internet.org platform labelled a "privacy nightmare"

Facebook have announced the launch of their Internet.org platform this week which will provide Internet services to users in developing countries. The platform will offer access to certain sites for free, using the unsecure, unencrypted HTTP. Site availability will be limited because many such as banking and instant messaging require data to be encrypted. In addition, the terms of the service require users to consent to their personal information being shared with third parties.

California to adopt tough new child privacy laws

This week California has enacted the Student Online Personal Information Protection Act which comes into force on 1 January 2016. It will prevent online service companies from carrying out targeted advertising to minors and their parents or guardians or from collecting information about them to build individual profiles. It will also require deletion of information when requested leading to greater protections for student data.

French parliament passes radical new surveillance law to combat terrorism

On 5 May the French parliament voted to adopt new surveillance rules which could allow authorities intrusive spying abilities with almost no judicial oversight. It is a radical overhaul of the 1991 intelligence law and has been a key area of focus for the French parliament in the wake of January’s terrorism attacks in Paris. The bill is likely to see authorities being able to install recording and filming devices in people’s homes and cars in an attempt to protect French citizens from terrorism.

Dutch regulator calls for law change to publish regulatory decisions

Organisations at the centre of investigations by the Dutch Data Protection Authority (CBP) are turning to legal action to block the publishing of decisions. The CBP President has called for transparency to "help citizens be more aware of how much data are being collected about them". The call for a change in the law to oblige publication of decisions has caused conflict with organisations who wish to keep the decisions private in order to avoid reputational damage.

Australian telco to challenge ruling requiring metadata disclosure

Telstra is set to challenge a ruling by the Privacy Commissioner requiring it to disclose metadata to the journalist who requested it. The data related to which cell tower was used for calls, incoming and outgoing numbers and SMS messages. Telstra argue that the disclosure goes beyond what they are obliged to hold and denied access to some of the information over privacy concerns. Industry body Communications Alliance argues that the decision "is impractical, unnecessary, and will be very costly".

‘Big Data’ used to hold Chinese accountable for moral and financial choices

A Chinese government document outlining a citizen rating system has recently been published. It frameworks plans to assign every adult in China with a credit code and an ID card by 2020 as part of a "Big Data" system which aims for ‘government promotion’. Data will be taken from financial and Internet sources including social media and will rank citizens’ social standing based on their compliance with core Chinese values.