Terms of service

1touch.io Secures $14 Million Series A Round for its Network-Based Data Discovery, Privacy and Security Platform

Wednesday, June 3, 2020 - 1:30pm

"Today's privacy and security concerns have highlighted the need for organizations to have a granular understanding of the flows of their protected data," said Zak Rubinstein, Founder and CEO of 1touch.io.

Key Points: 
  • "Today's privacy and security concerns have highlighted the need for organizations to have a granular understanding of the flows of their protected data," said Zak Rubinstein, Founder and CEO of 1touch.io.
  • This provides a complete view of where an organization's data resides, how it's handled, accessed, and disseminated, and allows organizations to monitor compliance and security.
  • This includes structured and unstructured data, data at rest and data in motion, known data, and, most importantly, unknown data.
  • "We believe this unique platform, with its layered privacy, security, and compliance solutions, is the first one to provide the needed visibility and control needed for data governance."

ProKNX Announces the Launch of Its Innovative Fully Offline Voice Controlled Smart Home Assistant

Wednesday, June 3, 2020 - 4:00am

Jens Kastensson, CTO of ProKNX stated that the initial idea for the development of PRATGLAD arose because of serious concerns about intrusions into the privacy of smart home device users.

Key Points: 
  • Jens Kastensson, CTO of ProKNX stated that the initial idea for the development of PRATGLAD arose because of serious concerns about intrusions into the privacy of smart home device users.
  • PRATGLAD, which means "chatty" in Swedish, is the first voice controlled smart home assistant that uses machine learning and 'Natural Language Understanding' to understand and respond to a variety of commands said in thousands of different ways.
  • This allows it to work completely off-line to protect the privacy of its users.
  • ProKNX is a dynamic IoT company which develops and sells completely offline smart home assistants that provide all the comforts of a cloud-based system while maintaining the privacy of the consumer.

Bipartisan Privacy Bill Would Govern Exposure Notification Services

Tuesday, June 2, 2020 - 9:00pm

Authors: Stacey Gray, Senior Counsel; Katelyn Ringrose, Christopher Wolf Diversity Law Fellow; and Polly Sanderson, Policy Counsel Yesterday, Senators Cantwell (D-WA), Cassidy (R-LA), and Klobuchar (D-MN) introduced a new COVID-19 data protection bill, the Exposure Notification Privacy Act, which would create legal limits for automated exposure notification services.

Key Points: 
  • Authors: Stacey Gray, Senior Counsel; Katelyn Ringrose, Christopher Wolf Diversity Law Fellow; and Polly Sanderson, Policy Counsel Yesterday, Senators Cantwell (D-WA), Cassidy (R-LA), and Klobuchar (D-MN) introduced a new COVID-19 data protection bill, the Exposure Notification Privacy Act, which would create legal limits for automated exposure notification services.
  • The bill comes on the heels of Republican and Democratic-led bills introduced earlier this month that would govern COVID-19 data much more broadly.
  • In contrast, the Exposure Notification Privacy Act would specifically regulate exposure notification apps, primarily mobile apps that enable individuals to receive automated alerts if they have been exposed to COVID-19.
  • Large employers are also considering using exposure notification services as part of back to work strategies to help ensure safe working environments.
  • Exposure notification services can support the work of public health agencies and can help employers keep workplaces safe, but only if they are designed and implemented with privacy in mind and in the public interest.
  • Below, FPF summarizes the core provisions of the Exposure Notification Privacy Act, which, if passed, would become effective immediately.
  • If adopted, it would codify core data protection principles, such as purpose limitation.
  • The full text of the Exposure Notification Privacy Act can be found HERE.
Jurisdictional and Material Scope
    • Covered entities include commercial businesses, non-profits, and common carriers; collecting or processing data that is linked or reasonably linkable to [any] individual or device linked or reasonably linkable to an individual.
    • Although the bill does not contain an explicit exemption for de-identified data, covered data does not include aggregate data.
    • San Francisco and Massachusetts have also been ramping up manual contact tracing efforts.
    • Many of those are already subject to restrictions mandating confidentiality for public health agencies.
    • Generally, the federal government cannot directly regulate local governments engaged in traditionally local activities such as public health.
Obligations of Covered Entities
  • These obligations include:
    • App operators would be required to “collaborate with” a public health authority. This legal restriction would prevent commercial entities from developing and offering their own apps independently of any involvement of public health officials. For example, many large employers are developing “back to work” strategies that include deploying their own exposure notification apps to help ensure safe working environments for employees and customers. Under this bill, such employers would be prevented from doing so unless 1) the app facilitates manual contact tracing (rather than automated alerts); or 2) if they begin collaborating, at least to a certain extent, with a public health authority. As some workplace apps will likely be considered essential to helping employers ensure a safe working environment, the extent to which employers must collaborate with public health authorities–whether they must work closely together or, for example, adopt local health guidelines–will likely need further clarity. This is an area for further development by the Senate Commerce Committee.
    • Apps would have to be voluntary. The bill includes robust consent requirements that would require exposure notification apps to be voluntary. In order to process data as part of such a service, an app would be required to obtain “affirmative express consent,” which must be “freely given” and “nonconditioned,” after the user receives a “clear and conspicuous” disclosure of the data practices. 
    • Any COVID-19 diagnosis would have to be confirmed by a public health authority. The bill would require any diagnosis processed by an exposure notification service to be an “authorized diagnosis,” meaning confirmed by a public health authority or health care provider. This would preclude exposure notification services from being designed in such a way that individuals could self-report potential or unconfirmed COVID-19 diagnoses.
    • Data would have to be deleted regularly and upon request. The bill would require operators to either delete an individual’s data upon request or allow individuals a mechanism to delete their own data. Furthemore, the bill would require operators and service providers, on a recurring basis every thirty days, to delete covered data. This recurring deletion requirement would not apply to data processed for public health research purposes. 
    • Data would have to be kept secure. Covered entities would be required to implement reasonable security practices, a requirement that reflects the sensitive nature of the data. Specifically, operators would be required to assess reasonably foreseeable system risks and vulnerabilities, and undertake responsive and preventative actions in line with generally acceptable security standards to mitigate those risks. 
    • App operators would be prohibited from using data for any commercial purposes, or transferring data for secondary purposes. Aside from specific public health research related to COVID-19 approved by an institutional review board, operators would be prohibited from collecting or processing data beyond the “minimum amount necessary to implement an exposure notification service for public health purposes related to COVID-19.” The bill’s limitations on transferring covered data to executive agencies for secondary purposes would preclude the use of covered data for law enforcement or immigration. 
    • Platforms and apps would be required to publish privacy policies and public guidance. Platforms and apps would be obligated to publish public guidance on functionality, how to interpret the notifications, any limitations with respect to the accuracy or reliability of the exposure risk, and how the effectiveness of the service is measured, including adoption rates. In addition to requiring operators to publish robust privacy policies outlining their data practices, the bill would make it unlawful for an operator to engage in a deceptive act or practice concerning an exposure notification service. 


    Under this bill, commercial entities or nonprofits that operate “automated exposure notification services” would be subject to strict legal requirements. Many of the bill’s requirements are consistent with the requirements for COVID-19 apps set by the App Store and Google Play. As a result, app developers using the API created by Google and Apple should already be substantially in compliance.

Anti-Discrimination Provisions 
    • In addition to obligations on app providers, the bill featuresstronganti-discrimination provisionsthat would apply to restaurants, educational institutions, hotels, retailers, and other places of public accomodation (as defined in Section 301 of the Americans with Disabilities Act).
    • If passed, the bill would make it unlawful for these kinds of establishments to use data from such automated exposure notification services to deny people entry, services, or otherwise discriminate against them.
    • Immunity passports are methods for individuals to verify their risk status with respect to COVID-19 i.e., that they have not been exposed, or are not showing symptoms for purposes of travel and work.
    • Immunity passports have been widely criticized for their potential lack of efficacy, as well as their disparate impacton the basis of class and race.
Enforcement and Oversight
    • The Exposure Notification Privacy Acts requirements would be enforced by the Federal Trade Commission (FTC) and State Attorneys General (AGs).
    • A violation of the bill would be treated as a violation of the FTCs prohibition against unfair or deceptive acts or practice under the FTC Act (15 U.S.C.
    • The bill also preserves existing rights of individuals under other federal and state laws, including consumer protection laws, civil rights laws, or common law.
    • The Exposure Notification Privacy Act would become effective on the date of enactment.
    • This bill would also extend the purview of the Privacy and Civil Liberties Oversight Board (PCLOB) to federally declared public health emergencies as well as federal actions used to combat terrorism.
Looking Ahead
    • Senator Cantwells proposal offers a promising legal model to build much-needed trust in such services.
    • In the United States, public health authorities in North Dakota, South Dakota, Utah, Georgia, California, and others are working with private companies to develop contact tracing services.
    • Meanwhile, Google and Apple have partnered to provide the interoperability and API access needed for Bluetooth-powered exposure notification services to function effectively.
    • Let us know at [emailprotected] as we continue tracking developments related to exposure notification services.

Highlights - Study: New aspects and challenges in consumer protection - Digital services and AI - Committee on the Internal Market and Consumer Protection

Tuesday, June 2, 2020 - 8:02pm

The study addresses the new challenges and opportunities for digital services that are provided by AI, in particular which regard to consumer protection, data protection, and providers liability.

Key Points: 
  • The study addresses the new challenges and opportunities for digital services that are provided by AI, in particular which regard to consumer protection, data protection, and providers liability.
  • The discussion addresses the way in which digital services rely on AI for processing consumer data and for targeting consumers with ads and other messages, with a focus on risks to consumer privacy and autonomy, as well as on the possibility of developing consumer-friendly AI applications.
  • Also addressed is the relevance of AI for the liability of service providers in connection with the use of AI systems for detecting and responding to unlawful and harmful content.
  • This document was provided by the Policy Department for Economic, Scientific and Quality of Life Policies at the request of the IMCO committee.

MatrixPoint Consulting releases Verified Private Certification

Friday, May 29, 2020 - 2:00pm

IRVINE, Calif., May 29, 2020 /PRNewswire-PRWeb/ --MatrixPoint, a data-centric consulting firm specializing in marketing efficiency and data privacy compliance, today released its Verified Private Certification.

Key Points: 
  • IRVINE, Calif., May 29, 2020 /PRNewswire-PRWeb/ --MatrixPoint, a data-centric consulting firm specializing in marketing efficiency and data privacy compliance, today released its Verified Private Certification.
  • The Verified Private Trustmark can improve consumer confidence and website conversions, while also protecting your company from significant fines that range from $2,500 to $7,500 per customer record.
  • "Our team is extremely excited to offer this visible certification to companies who truly care about their customer's data and privacy," said MatrixPoint Managing Partner, Brian Mahoney.
  • MatrixPoint Consulting was created to help companies improve their business processes, their relationship with their customers, and ultimately, their bottom line.

Phunware Receives TRUSTe Data Collection Certification from TrustArc

Friday, May 29, 2020 - 1:30pm

Phunware, Inc. (NASDAQ: PHUN) (the Company), a fully-integrated enterprise cloud platform for mobile that provides products, solutions, data and services for brands worldwide, announced today that it has received a TRUSTe attestation for successfully satisfying the Data Collection Certification Assessment Criteria requirements as assessed by TrustArc against its Data Collection Certification standards.

Key Points: 
  • Phunware, Inc. (NASDAQ: PHUN) (the Company), a fully-integrated enterprise cloud platform for mobile that provides products, solutions, data and services for brands worldwide, announced today that it has received a TRUSTe attestation for successfully satisfying the Data Collection Certification Assessment Criteria requirements as assessed by TrustArc against its Data Collection Certification standards.
  • Phunwares MaaS platform was designed to operate at scale, managing critical data collection for large enterprises while easily managing more than one billion monthly active devices across more than a petabyte of data, said Luan Dang , CTO and Co-Founder of Phunware.
  • An independent third party review and certification from TrustArc for TRUSTe attestation demonstrates privacy compliance and a high commitment globally to following data collection best practices.
  • Click here to learn more about Phunwares commitment to privacy and responsible data collection on MaaS.

FRA discusses privacy, data protection and COVID-19 with cities

Friday, May 29, 2020 - 12:07am

On 26 May, FRA presented key fundamental rights considerations emerging from the second edition of its COVID-19 Bulletin during a webinar on privacy and using technology to control the pandemic.

Key Points: 
  • On 26 May, FRA presented key fundamental rights considerations emerging from the second edition of its COVID-19 Bulletin during a webinar on privacy and using technology to control the pandemic.
  • The European Forum for Urban Security (EFUS) organised the webinar.
  • It brought together more than 30 cities and other local governments to share information and experiences on the use of technologies such as contact tracing app, in the fight against COVID 19.

Anapaya is Already Delivering on the Promises of 'New IP'

Thursday, May 28, 2020 - 10:04pm

Many western countries fear the proposed changes will enable central authoritarian control over the internet itself.

Key Points: 
  • Many western countries fear the proposed changes will enable central authoritarian control over the internet itself.
  • However, Anapaya already has an operational solution that meets all these needs and more.
  • "There seems to be a lot of controversy regarding the changes to internet routing standards that were proposed at the UN.
  • It's just pure freedom, agency and privacy in an online environment and that's why businesses are choosing to use Anapaya."

OneTrust Launches PrivacyConnect Industry Expert Panels

Thursday, May 28, 2020 - 1:00pm

As a part of the expanded PrivacyConnect Online series, the industry expert panels events bring together sector-specific privacy experts to discuss trends, challenges and best practices

Key Points: 
  • As a part of the expanded PrivacyConnect Online series, the industry expert panels events bring together sector-specific privacy experts to discuss trends, challenges and best practices
    ATLANTA, May 28, 2020 /PRNewswire/ -- OneTrust , the largest and most widely used privacy, security and trust technology, today announced an expanded PrivacyConnect with new Industry Expert Panels : free online events focused on privacy best practices in specific industries.
  • Register now for the free PrivacyConnect Industry Expert Panels and earn CPE credits!
  • PrivacyConnect Industry Expert Panels will offer focused discussion on the unique challenges facing various industries.
  • In addition to the industry expert panels, OneTrust recently announced more than 160 new online events in cities across the globe.

Social Media Platform 2cents Dedicated to Protecting Privacy

Wednesday, May 27, 2020 - 1:31pm

DALLAS, May 27, 2020 /PRNewswire/ -- 2cents, a micro blogging platform, offers a responsible approach to social media by not abusing the privacy of its customers.

Key Points: 
  • DALLAS, May 27, 2020 /PRNewswire/ -- 2cents, a micro blogging platform, offers a responsible approach to social media by not abusing the privacy of its customers.
  • 2cents believes in digital privacy, which encompasses information privacy, communication privacyand individual privacy.
  • 2cents encourages a healthy discourse on all topics and because it verifies each user and has no fake (bot) accounts.
  • 2cents is setting a more transparent and honest social media experience.