Israeli Government Reauthorizes Israeli Security Agency Surveillance Owing to Covid-19 Omicron Variant

The Israeli Government issued new Emergency Regulations authorizing the Israeli Security Agency (ISA, commonly known by its Hebrew acronym “Shabak”) to track individuals diagnosed with the Omicron variant of Covid-19, and all those who came into contact with them for a period of up to seven days prior to their diagnosis. Tracking is done by monitoring their mobile phones’ signals. ...

Drastic Changes to Facebook’s Facial Recognition and Ad Targeting Policies

Meta, Facebook’s mother company, announced two major changes to its policies, both intended to enhance users’ privacy.

The first change is the discontinuation of use of facial recognition technology on Facebook. Facial recognition enabled the operation of two main features: automatic tagging suggestions of people in photos and videos, and image descriptions for the blind and visually impaired (also known as ...

U.S. Regulators Step Up Regulation on Financial Data

The US financial sector was visited by a wave of new regulatory rules during November.

At the beginning of the month, the FTC updated its Safeguard Rule to include more specific criteria for which safeguards must be implemented by financial institutions as part of their information security program. Those safeguards include limiting access authorizations to consumer information, using encryption to ...

New Head of the Israeli Privacy Protection Authority

The Israeli Government appointed Adv. Gilad Samama as the new head of the Privacy Protection Authority (PPA), ending a three-year period during which the role was vacant. Adv. Samma served in several professional and administrative positions in the Israeli Ministry of Justice. He was also a member of the “Tikva Hadasha” party, which is led by the current Minister of ...

China Continues to Tighten Data Privacy Regulation

The Cyberspace Administration of China (CAC) published for public comments, new draft guidelines for the cross-border transfer of data. The draft guidelines impose a comprehensive security review obligation on companies who: (1) process personal data of over a million data subjects; (2) process personal data collected or generated by the operators of “critical information infrastructure”; (3) transfer important data; or ...

Under Irish Regulator Pressure: WhatsApp Updates Its Privacy Policy

Following the Irish privacy regulator’s August 2021 decision to fine WhatsApp EUR 255,000,000 for violation of the transparency obligation under GDPR, the messaging app changed its privacy policy. The amended policy now provides users with further information about the collection, storage and usage of their personal data and about WhatsApp’s third-party service providers.

Although WhatsApp has changed its privacy policy, ...

EDPB Publishes Draft Guidelines on the Interplay between Article 3 and Chapter V of the GDPR

The European Data Protection Board (EDPB) published draft guidelines on the interplay between Article 3, which sets out the territorial scope of the GDPR, and Chapter V, which regulates the transfer of data outside the EU. The draft guidelines clarify when the processing of data will be considered “transfer of personal data to a third country or to an international ...