DataPrivacy Archives - +91 9810953232

Data Privacy Issue with Google Plus


Google is on the point of having its Cambridge Analytica moment. A security bug allowed third-party developers to access Google+ user profile information since 2015 till Google discovered and patched it in March, however, set to not inform the globe. once a user gave permission to associate degree app to access their public profile information.

The bug additionally let those developers pull their and their friends’ personal profile fields. Indeed, 496,951 users’ full names, email addresses, birth dates, gender, profile photos, places lived, occupation and relationship standing were doubtless exposed, tho’ Google says it’s no proof the info was ill-used by the 438 Apps that would have had access.

Few corporations would dream of getting to come back out publically to inform customers their information had probably been exposed however had not been purloined or ill-used. Disclosures of knowledge incidents were usually saved just for the crimes.

But The Wall Street Journal’s report Monday that Google could have tried to hide up a bug that exposed the info of its Google+ social network customers shows however the wheel has turned. Google’s hiding was meant to quell any potential requires regulation over digital issue reported , and it shows however the routine, unreported privacy incidents of yesterday area unit progressively obtaining time within the limelight.

Google eventually disclosed the bug in an exceedingly, the expression a Google+ bug exposed personal information of up to 5 Lac users.

Regulators may mark currently, as they did with Uber once the corporate unconcealed a security breach that it tried to hide up with giant payments within the name of a “bug bounty” to hackers WHO found the info. the corporate has paid $148 million in settlements due to this incident, that was comparatively minor apart from the hiding. The Federal Trade Commission can keep an eye fixed on the car-hailing service for twenty years due to the matter.

The company set against informing the general public as a result of it’d cause “us coming back into the spotlight aboard or maybe rather than Facebook despite having stayed underneath the measuring system throughout the Cambridge Analytica scandal,” in step with an enclosed note. currently Google+, that was already a town, for the most part, abandoned or ne’er underpopulated by users, has become an enormous liability for the corporate.

Google additionally can amendment its Account Permissions system for giving third-party apps access to your information such you have got to verify every style of access singly instead of all without delay. Gmail Add-Ons are restricted to those “directly enhancing email practicality,” together with email shoppers, backup, CRM, mail merge and productivity tools.

Right to be Forgotten – Data Privacy Law


What is “Right to be Forgotten” in Indian Data Privacy Law.

The B.N. Srikrishna Committee has an important significance on obtaining the agreement of an individual to process & can use the personal information. The committee said consent must be “informed”, “specific” and “clear”, and needs to be capable of being withdrawn as easily as it was given. Thus, there is no right to erasure of data in the proposed law, and the bill will be going through a parliamentary process of word and approval before it becomes law, and might be some changes has brought in.

Therefore, the Protection Bill of Private data in 2018, embrace a segment on “right to be Forgotten” but the projected bill doesn’t give the right to erasure. The Section 27 of the bill has listed out three premises in which an individual will have the “right to restrict or prevent continuing disclosure of personal data” or the right to be forgotten. This will be relevant, if data disclosure is no longer necessary, or the consent to use data has been withdrawn or if data is being used contrary to the provisions of the law. An adjudicating officer will determine the relevancy of one of the three scenarios.
The officer can also determine that the right of the individual to limit the use of her data over-rides the right to freedom of speech or right to information of any other citizen.

Every person shall have the right to seek removal of personal data from Data Controller –
(a) where personal data is no longer necessary with regard to the purpose for which it was originally collected or processed; or
(b) where the person withdraws consent; or
(c) where personal data has been obtained unlawfully; or
(d) where personal data is required to be erased in accordance with a legal obligation pursuant to a Court order.

The European Court of Justice (ECJ) ruled in favor of Mario Costeja González In 2014, a Spanish man who was sad to look out his name on Google threw up a newspaper story from 1998. In 2009 he approached the newspaper to get that article removed as he felt it was no longer relevant. The newspaper felt it was inappropriate to erase the article, and Gonzalez then approached Google to not throw up the article when his name is searched. ECJ asked Google to remove the inadequate or not relevant data from its search results. Therefore, the ruling came to be known as the “right to be forgotten” and has been strengthened in data protection laws and regulations within the EU, as well as in the EU’s General Data Protection Regulation (GDPR).

After the article for EU GDPR outlined the situation that EU citizens will exercise their “right to be forgotten”. The News Article gives individuals the right to get personal data erased under six conditions, including withdrawal of consent to use data, or if data is no longer relevant for the purpose it was collected. However, the request may not be entertained in some situations such as if the request contradicts the right of freedom of expression, or when it goes against the public interest in the area of public health or historical research or regarding statistical purposes.

#GDPR #DataPrivacy #RigtToBeForgotten