FTC proposes changes to COPPA 

The Federal Trade Commission has proposed updates to the Children’s Online Privacy Protection Rule (COPPA Rule) to further limit companies ability to make money from childrens data. The COPPA Rule, which went into effect in 2000 focuses on ensuring that certain websites provide notice to parents of children below 13 of the collection and processing of the childrens data. The rule limits the data collected, how long it can be retained and places security requirements on the data collected. The proposed changes require targeted advertising to be turned off by default, strengthened data security requirements, restricted surveillance in schools and more. Read more 

AI not be recognised as inventor in patent applications  

The UK Supreme Court ruled that AI systems cannot be recognised as inventors in patent applications, a decision that was determined in the case of Thaler V Comptroller-General of Patents, Designs and TradeMarks in December 2023. Dr. Stephen Thaler filed patent applications and credited an AI system; DABUS as the inventor. Since Dr. Thaler owned DABUS, he argued that he was entitled to apply for patents. The Supreme Court held that the definition of an inventor under the Patents Act 1977 is restricted to natural persons. Read more 

€100,000 fine imposed for failure to respond to DSARs 

Italian Data Protection Authority, Garante, imposed a €100,000 fine on Autostrade per I’Italia for failing to respond to employee access requests. Garante found that 50 employees requested to access their personal files, pay slips, and other information pertaining to the calculation of their pay slips, however the company failed to respond to these requests, stating that it did not consider to ‘appropriate’ to do so as legal proceedings were underway between the company and its employees. Garante found the company in violation of Article 15 of the GDPR. Read more 

Health data of million exposed due to 30-year old DICOM vulnerability 

The standard protocol known as Digital Imaging and Communications in Medicine (DICOM) is a transfer format that allows interoperability between different hardware and software products. This format was introduced in 1985 and last updated in 1993. Cybersecurity researches found that over a 1000 servers across over 100 countries using the DICOM protocol leaked sensitive data. The top countries with health data exposed were India, the US and South Africa. Read more 

Chrome’s third-party cookie phaseout date revealed  

Google announced the rollout of Tracking Protection to 1% of Chrome users globally which will restrict tracking across different sites by default. This rollout will happen on January 4th, the full deprecation will happen in the second half of 2024. Users can temporarily turn cookies on for 90 days if needed, like if the site does not function correctly. Read more