Privacy News Roundup – December 1, 2021

A bipartisan group of House members have introduced the Filter Bubble Transparency Act. The act requires online platforms to allow users to opt out of having personal data-driven algorithms select the content they see.

Momentum is driven by the mutual acknowledgement from both parties that algorithms driven by user-specific data make services addictive, violate privacy, and promote extremism.

A class-action lawsuit has been filed against OnlyFans, alleging the platform has violated Illinois’ Biometric Information Privacy Act (BIPA). The complaint seeks $1,000 to $5,000 per violation.

The lawsuit claims the company collected facial biometrics from content creators to verify their age and identities without explanation of how the images would be handled and destroyed.

BIPA law has been used to launch thousands of class action lawsuits, typically accusing businesses of failing to collect written consent and providing adequate notification before scanning biometric identifiers. The lawsuits have mostly targeted social media and big tech, but have also focused on employers collecting fingerprints to verify employee identities when clocking in and out of work shifts.

The Biden administration issued one of the most comprehensive cybersecurity orders to date. It mandates nearly all federal agencies to patch approximately 290 security flaws.

The security issues were identified between 2017 and 2021 and are noted as carrying “significant risk to the federal enterprise.”

The Chicago Public School District has suspended access to popular classroom software.

This is due to amendments to the Illinois Student Online Personal Protection Act, which took effect on July 1, 2021. The act created more stringent requirements for district contracts with third-party educational service providers.

China’s Personal Information Protection Law (PIPL) has increased the need for companies to appoint a data protection officer.

However, while demand for DPO’s is high, incentive to take on the role is low because they may be held personally liable for any violations of China’s law.

Suspendisse eget semper enim, eget vehicula arcu. Mauris tempus risus at tellus vehicula auctor eu vel velit. Pellentesque id dolor nisl. Nullam tellus purus, sodales id hendrerit a, posuere non purus. Cras ultrices orci in justo ornare mollis. Quisque non maximus velit, in vestibulum lacus. Nulla eleifend eros eu sodales eleifend. Suspendisse pharetra interdum massa, ut gravida mi dapibus id.

The Privacy Legislation Amendment (Enhancing Online Privacy and Other Measures), Bill 2021, will strengthen the Privacy Act of 1988 by creating a new Online Privacy Code and providing higher penalties for violations, equating to:

• A maximum of $2.1 million for serious or repeated breaches of privacy
• Three times the value of any benefit obtained through the misuse of information
• 10% of the entity’s annual Australian revenue