+++++Under EU law, citizen can demand a copy of all personal data that companies hold about them. However, more than one year after implementation of the new law, most Android and iPhone apps still completely ignore this right, a new study has found. from r/iphone
https://dl.acm.org/doi/epdf/10.1145/3407023.3407057
How do App Vendors Respond to Subject Access Requests? A Longitudinal Privacy Study on iOS and Android Apps
the results of a four-year undercover field study.
Besides a general lack of responsiveness, the observed problems range from malfunctioning download links and authentication mechanisms over confusing data labels and le structures to impoliteness, incomprehensible language, and even serious cases of carelessness and data leakage. It is evident from our results that there are no well-established and standardized processes for subject access requests in the mobile app industry. Moreover, we found that many vendors lack the motivation to respond adequately. Many of the responses we received were not only completely insucient, but also deceptive or misleading. Equally worrisome are cases of unsolicited dissolution of personal data, for instance, due to the
apparently widespread practice of deleting stale accounts without prior notice
++++++++++++++
New lawsuit: Why do Android phones mysteriously exchange 260MB a month with Google via cellular data when they’re not even in use? from r/technology
+++++++++++++++++
more on privacy data in this IMS blog
https://blog.stcloudstate.edu/ims?s=privacy+data
What is GDPR? The huge European security regulation takes effect this week
Gene Marks Special to the Washington Post
The
European Union‘s General Data Protection Regulation, or GDPR, goes into effect on May 25
The objective of the regulation, which passed in 2016, is to simplify and consolidate rules that companies need to follow in order to protect their data and to return control to EU citizens and residents over their personal information.
Individuals in the EU will have the right to access or request that companies erase or migrate their data elsewhere. When asked, companies must prove to authorities that they have satisfactory policies and procedures in place to protect their data, or they will face huge fines. How huge? If your company’s not compliant, the fines could be as large as 20 million Euros (about $24 million) or four percent of your annual global revenue, whichever is higher.
“A U.S. tourist who visits Germany for one day and returns to the U.S. has rights under the law if that person used [a service like] Facebook while on the trip,” Alex Stern, an attorney wrote on his firm’s blog.
+++++++++++++++++++++++
++++++++++++++++++++++++++
More on the European Privacy Law in this IMS blog
https://blog.stcloudstate.edu/ims?s=gdpr
+++++++++++++++++++
+++++++++++++++++
more on privacy in this IMS blog
https://blog.stcloudstate.edu/ims?s=privacy