Tag:data privacy
$47 for the 47th Presidency: Musk Tests Super PAC Limits with Payouts for Swing State Voter Referrals
On October 7, 2024, Elon Musk’s pro-Trump Super PAC, America PAC, announced it would disburse $47 payments to residents of certain swing states who refer other swing state voters to sign a petition pledging support for the First and Second Amendments. Musk said on his social media platform, X, “ For every person you refer who is a swing state voter, you get $47! Easy money.” Eligibility is limited to registered voters in seven key battleground states: Arizona, Georgia, Michigan, Nevada, North Carolina, Pennsylvania, and Wisconsin. Musk’s goal is to reach 1 million signatures, which would amount to $47 million in payments to signatories.
FTC has Health Apps and Wearable Tech Vendors in its Sight with its Amended Health Breach Notification Rule
The Federal Trade Commission (“FTC”) is intensifying its already rigorous oversight of how health apps, such as fitness apps, menstrual cycle trackers, sleep trackers, etc., utilize and disseminate sensitive personal information. However, unresolved questions regarding the extent of the agency’s authority are likely to precipitate challenges that could significantly curtail these efforts.
Navigating the Genetic Frontier: 23andMe and the Challenges of Data Security
A recent situation involving millions of 23andMe users has raised significant concerns about data privacy and regulatory oversight. After sending a small tube of saliva to uncover ancestral roots, many individuals discovered that their genetic data had been compromised. 23andMe has transformed genetic testing by offering accessible health and ancestry information to consumers from the comfort of their homes. Since its inception, the company has faced regulatory challenges and became the first direct-to-consumer genetic genealogy test to receive FDA approval. While the company has largely avoided legal trouble over the years, recent data breaches have sparked legal action and underscored gaps in consumer protection.
Generative AI- The Next Frontier in Fighting Financial Crime
Artificial intelligence (AI) is the latest tool in a financial institution’s arsenal to restrict the flow of money being channeled to fund illegal activities worldwide. As criminals get more innovative and sophisticated in using the latest technology to evade detection of their financial crimes, financial institutions must follow suit and utilize similar technology to root out these crimes or risk facing regulatory sanctions. Money laundering generally refers to financial transactions in which criminals, including terrorist organizations, attempt to disguise the proceeds of their illicit activities by making the funds appear to have come from a legitimate source. However, this is not a new phenomenon. Congress passed the Bank Secrecy Act (BSA) in 1970 to ensure financial institutions follow a set of guidelines known as KYC (Know Your Customer/Client) to detect and prevent money laundering through their systems.
Kraken Settles with the SEC in a $30 Million Deal
Sophie Shapiro Associate Editor Loyola University Chicago School of Law, JD 2024 Kraken will pay $30 million to settle SEC (Securities and Exchange Commission) allegations that it broke the agency’s rules with its cryptoasset staking products and will discontinue them in the United States as part of the agreement with the regulator. What is Kraken? …
Read more
The Case for Expanding Privacy Protections in a Post-Roe World
In Dobbs v. Jackson Women’s Health Organization (Dobbs), the US Supreme Court ruled that abortion is not a fundamental right protected by the Constitution. This decision resulted in additional abortion protections in California, Michigan, and Vermont, and prompted many patients, providers, regulators, and tech companies to rethink data privacy. However, because most abortions are still banned in at least 13 states, this patchwork of state abortion laws, combined with the lack of any sufficient national privacy law, puts patient privacy at risk.
The Downfall of Twitter: Layoffs Rocking Big Tech
Over the last several weeks we have seen mass layoffs across big tech, including Salesforce, Twitter, and Meta. This comes after big tech peaked during the COVID-19 pandemic when it was essential to the nation in keeping us virtually connected. During the lock down tech giants’ profits soared as consumers upgraded devices, maximized increased storage, and were forced to get creative in communicating in the workspace. However, inflation, rising interest rates, and digital spending are driving big tech companies to implement large-scale layoffs as the economy prepares to take a downturn. While Meta CEO, Mark Zuckerberg, described the announcement as one of his hardest decisions, Twitter CEO, Elon Musk, has taken a different approach, causing continuous chaos that has led to compliance risks.
Federal Trade Commission Accuses Chegg of “Careless” Data Security
On Monday, October 31, the U.S. Federal Trade Commission (FTC) called on education technology provider Chegg, Inc. (Chegg) to bolster its data security, citing lax security practices that regulators said exposed the personal data of more than 40 million Chegg users. The exposed personal information included names, email addresses, passwords, and for certain users, sensitive scholarship data such as dates of birth, parents’ income range, sexual orientation, and disabilities.
The Need for Federal Regulation of Tracking Pixels to Protect Patient Data
In June 2022, a nonprofit news site called The Markup released a report stating that hospitals using Meta Pixel may be releasing patient data to Meta Platforms, Inc. (previously Facebook, Inc.). Since this report was released, many of the hospitals identified in the report removed pixel technology from their websites. In addition, some hospitals have released public breach notices and reported potential data privacy breaches to the US Department of Health and Human Services (HHS) Office of Civil Rights (OCR). Most recently, on October 20, 2022, Advocate Aurora Health, a large health system located in the Midwest, released a notice publicly announcing its potential pixel breach, which may affect as many as three million patients.
SEC Proposes Rules to Combat Cyber-Attacks
On March 9, 2022, the U.S. Securities and Exchange Commission (SEC) proposed rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies. In an attempt to further protect against cybersecurity attacks and increase cyber transparency among issuers and investors President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). Before CIRCIA goes into effect, it requires the Cybersecurity and Infrastructure Security Agency (CISA) to complete mandatory rulemaking activities, to develop/publish a Notice of Proposed Rulemaking (NPRM), and a final rule. The SEC proposal and CIRCIA both have different implications, but both will increase cybersecurity regulations and procedures, even making employees more conscious of potential attacks.