NEWS THIS WEEK: Privacy group sues Trump administration; Pennsylvania county loses childrens’ records; Window 10 needs privacy update

By Byron V. Acohido

In the news this week, a privacy watchdog group is suing the Trump administration’s commission investigating alleged election fraud, saying the requested information violates voters’ privacy. The Electronic Privacy Information Center, a nonprofit research organization, filed for a temporary restraining order to block the Presidential Advisory Commission on Election Integrity from gathering voter records from state election officials. The commission has requested election officials provide voters’ birth date, party affiliation, partial Social Security numbers, voter history, felony convictions and military service status. “The publication of voters’ personal information violates the constitutional right to informational privacy,” EPIC’s lawsuit says. “The Supreme Court has long recognized that individuals have a constitutionally protected interest in ‘avoiding disclosure of personal matters.'” The White House didn’t immediately respond to a request for comment. Source: CNet

Some Google employees’ information may have been revealed

Google told staffers that a hack on travel and hospitality firm Sabre Hospitality Solutions may have exposed their personal information, and advised them to complain to the Federal Trade Commission and to check their financial statements. Sabre, which operates the SynXis Central Reservations system, discovered unauthorized access to an account. Google is giving those affected two years of credit monitoring and protection. Source: The Inquirer

EU advised to drop Privacy Shield deal because U.S. can’t protect data

The Center for Digital Democracy told the European Union it should pull its Privacy Shield agreement with the United States. CDD cited a lack of privacy enforcement or oversight by the FCC and Federal Trade Commission. “There is no effective legal framework to protect consumer privacy in the U.S., with inadequate enforcement of the weak policies in place and an overall failure to address the dramatic growth of data practices,” CDD said. The group cited the nullification of FCC broadband privacy rules as a reason the U.S. can’t protect data privacy. Source: Multichannel News

Judge dismisses privacy case against Facebook

A U.S. judge dismissed litigation accusing Facebook of tracking users’ internet activity even after they logged out of the social media website. U.S. District Judge Edward Davila said plaintiffs failed to show they had a reasonable expectation of privacy, or that they suffered any “realistic” economic harm or loss. The plaintiffs claimed that Facebook violated privacy and wiretapping laws by storing cookies on their browsers that tracked when they visited outside websites containing Facebook “like” buttons. Source: The Insurance Journal

Security breach exposes information about children in Pennsylvania

More than 1,800 children had sensitive information compromised in a statewide data security breach, according to the County Commissioners Association of Pennsylvania. Personal identity information, including names, addresses, date of birth, and Social Security numbers, as well as public health information, might have been publicly viewable online. Source: The (Hanover, Pa.) Evening Sun

18 million accounts exposed in breach of internet radio service 8tracks

Hackers accessed the 8tracks user database and pilfered information, including email addresses and encrypted passwords, from at least 18 million accounts signed up for the internet radio service using email. The company believed it uncovered the method of attack, through “an employee’s GitHub account. The company changed passwords for storage systems, and added access logging to its backup system. Source: SC magazine

Medicaid information may have been accessible in Indiana

DXC Technology, the fiscal agent for the Indiana Health Coverage Program, reports that an internet hyperlink containing Indiana Medicaid patient information was potentially accessible from February to May. The information included patient’s names, Medicaid ID numbers, names and addresses of the health care providers, patient numbers, procedure codes, dates of service, and payment amounts. Source: The Indy Channel

Google partnership with British health service criticized

A partnership between the National Health Service and Google’s artificial intelligence software violated patient privacy laws, British regulators say. An investigation by the Information Commissioner’s Office indicated the Royal Free NHS Foundation Trust failed to comply with the country’s Data Protection Act when it handed over personal data for 1.6 million patients to Google DeepMind. Source: Fierce Health Care

Ukrainian police seize software firm’s servers in malware investigation

Ukrainian police seized the servers of an accounting software firm suspected of spreading a malware virus that crippled computer systems at major companies around the world. Ukraine’s Cyber Police said the servers of M.E.Doc—Ukraine’s most popular accounting software—had been seized as part of an investigation into the attack. Source: NBC News

Windows 10 users may be prompted to update privacy settings

Users running older versions of Windows 10 will receive a prompt to update privacy settings, part of the initial process of upgrading to the Windows 10 Creators Update via Windows Update. The prompt will appear automatically and can be postponed up to five times before it appears again. Source: OnMsft

This column originally appeared on

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someone