3
On this World Data Protection Day, celebrated every January 28, a look back at the events that unfortunately marked the past year. They remind us to be vigilant in our use of the Web.
As every year now, the date of January 28 is placed under the sign of the protection of personal data. World Data Privacy Day — called Data Privacy Day in the English-speaking world — was established in 2006 by the Council of Europe to pay tribute to the data protection convention, known as CETS No. 108, which transposes the fundamental rights and freedoms of citizens in the world of “automated processing”, understanding on the Web. We have dedicated an article to this purely symbolic date.
However, the results of the past year are not glorious. Our data is always a little more abused over time – even if it is true that the subject is more publicized today than before. Last January, a data breach of 215 million users was discovered. It concerns the Chinese company SocialArks, which stored unprotected a 408 GB database containing the personal information of 215 million social network users around the world. This is the second time that the company has found itself at the heart of such a case: in August 2020, it had already disclosed information related to 150 million accounts. Reassuring!
The Covid-19 crisis has also increased the vulnerability of certain targets, such as hospitals, health centers or the platforms that host our data. This summer, a cyberattack even disrupted Covid-19 vaccination services in the Rome region of Italy. When they attack institutions, such attacks are always very risky for users, who entrust sensitive data to trusted third parties. Still in the register of the health crisis, we also advise you, in order to protect your data, to deactivate the collection of usage statistics within the TousAntiCovid app.
On the video game streaming service side, it was Twitch that did poorly this year after a hacker exposed no less than 128 GB of data belonging to the platform, including the source code. Facebook is as always concerned by breaches in the protection of our data: the South Korean authorities have imposed a fine of 4.7 million euros on the social network for having collected the facial recognition data of 200,000 users.
This beginning of the year 2022 does not spare us either. The International Committee of the Red Cross (ICRC), a humanitarian aid agency present in many countries, announced that a vast cyberattack had compromised the data of half a million individuals. Particularly sensitive data since they concern vulnerable people, including women and men separated from their families as a result of conflict, disaster or migration, missing individuals and their relatives, as well as detained persons. On this subject, an emergency number for professionals and individuals should soon see the light of day.
Finally, and more worryingly, Europol has recently been accused of illegally collecting large datasets. The European Data Protection Supervisor (EDPS) gave the criminal police agency 12 months to comply with the law.