At a glance.
- Privacy issues in connected cars.
- EU-UK data transfers.
- International data protection laws: updates.
- US data protection laws: updates.
Rolling smartphones: digital vehicle forensics.
A car’s onboard computer can provide a wealth of evidence in criminal investigations, NBC News reports. In the emerging field of digital vehicle forensics, investigators can tap into the safety and entertainment features of a smart car’s system to extract data not only about the automobile’s movements, but also when car doors were opened, what the driver said to the car’s voice-operated system, and any phone calls placed or text messages sent while a phone was plugged into the system, providing details that could help solve crimes from everyday felonies to homicides and kidnappings. Compared to your smartphone, a smart car’s system is fairly easy to infiltrate and gathers far more of your data than the user might realize. On the flipside, as with all smart devices, this info can be used to commit crimes as well. Just last year an identity theft hacker demonstrated how he could extract home and work addresses, Wi-Fi passwords, calendar events, and contact lists from used car computers purchased on eBay. Besides the Driver Privacy Act of 2015, which regulates the use of crash info stored on a vehicle's event data recorder, there is currently little federal regulation regarding smart car privacy.
EEA-UK data transfers will be unrestricted.
According to cyber/data/privacy insights, officials have decided that under the post-Brexit Trade Deal the exchange of data from the EU, including the EEA, to the UK will not be considered “restricted transfers” until at least six months from the start of 2021, meaning there will be no need for extra protections when transferring data between the EU and the UK. This gives the European Commission additional time to assess the adequacy of the UK's privacy protections and make a long-term ruling.
Data protection across the globe.
We’ve heard a lot about the EU’s General Data Protection Regulation and the California Consumer Privacy Act, but cyber/data/privacy insights gives us an overview of what’s going on in other parts of the world. In September 2020 Brazil’s Lei Geral de Proteção de Dados was instated, China published a draft of its Personal Information Protection Law in October, and just last month New Zealand repealed its decades-old privacy law and replaced it with the Privacy Act 2020. In November Canada initiated the Digital Charter Implementation Act which, if passed, will institute the Consumer Privacy Protection Act. IT World Canada provides a primer on Canada’s privacy regulations in comparison to those of other common-law nations.
Updates on US data privacy laws.
Looking stateside, on the heels of the California Consumer Protection Act eleven other state laws related to privacy and security have been recently introduced, reports CSO Online. The Nevada Senate Bill 220 Online Privacy Law and Maine’s Act to Protect the Privacy of Online Consumer Information address data privacy. In the data security arena, the cleverly-named New York Stop Hacks and Improve Electronic Data Security (SHIELD) Act expands current laws to include biometric data and email login info, and the Oregon Consumer Information Protection Act SB 684 tightens up breach notification deadlines.