{"id":39552,"date":"2023-07-05T08:18:39","date_gmt":"2023-07-05T12:18:39","guid":{"rendered":"https:\/\/www.itworldcanada.com?p=542209"},"modified":"2023-07-07T09:03:44","modified_gmt":"2023-07-07T13:03:44","slug":"cyber-security-today-july-5-2023-advice-to-firms-on-the-right-way-to-collect-personal-data","status":"publish","type":"post","link":"https:\/\/technewsday.com\/staging\/cyber-security-today-july-5-2023-advice-to-firms-on-the-right-way-to-collect-personal-data\/","title":{"rendered":"Cyber Security Today, July 5, 2023 \u2013 Advice to firms on the right way to collect personal data"},"content":{"rendered":"<p>Advice to firms on the right way to collect personal data.<\/p>\n<p>Welcome to Cyber Security Today. It&#8217;s Wednesday, July 5th, 2023. I&#8217;m Howard Solomon, contributing reporter on cybersecurity for<em> ITWorldCanada.com<\/em> and <em>TechNewsday.com<\/em> in the U.S.<\/p>\n<p><iframe style=\"border: none;\" title=\"Libsyn Player\" src=\"https:\/\/html5-player.libsyn.com\/embed\/episode\/id\/27349785\/height\/90\/theme\/custom\/thumbnail\/yes\/direction\/forward\/render-playlist\/no\/custom-color\/000000\/\" width=\"100%\" height=\"90\" scrolling=\"no\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<table style=\"width: 100%;\">\n<tbody>\n<tr>\n<td><a href=\"https:\/\/www.amazon.com\/ITWC-Cyber-Security-Today\/dp\/B07BRNG89P\/ref=sr_1_1?s=digital-skills&amp;ie=UTF8&amp;qid=1522688435\"  rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" loading=\"lazy\" class=\"aligncenter wp-image-396718 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-alexa-200.png\" alt=\"Cyb er Security Today on Amazon Alexa\" width=\"200\" height=\"74\" border=\"none\" \/><\/a><\/td>\n<td><a href=\"https:\/\/www.google.com\/podcasts?feed=aHR0cDovL2N5YmVyc2VjdXJpdHl0b2RheS5saWJzeW4uY29tL3Jzcw%3D%3D\"  rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" loading=\"lazy\" class=\"thumbnail aligncenter wp-image-408712 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2018\/09\/sub-gp-200.png\" alt=\"Cyber Security Today on Google Podcasts\" width=\"200\" height=\"74\" \/><\/a><\/td>\n<td><a href=\"https:\/\/itunes.apple.com\/ca\/podcast\/cyber-security-today\/id1363182054\"  rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" loading=\"lazy\" class=\"aligncenter wp-image-396720 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-itunes-200.png\" alt=\"Subscribe to Cyber Security Today on Apple Podcasts\" width=\"200\" height=\"74\" border=\"none\" \/><\/a><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>I&#8217;m away for a few days so this podcast isn&#8217;t news oriented. It&#8217;s about lessons learned from an investigation by four of Canada&#8217;s federal and provincial privacy commissioners <a href=\"https:\/\/www.itworldcanada.com\/article\/privacy-commissioners-find-tim-hortons-violated-privacy-laws\/486785\"  rel=\"noopener\">just over a year ago into excessive data collected by a coffee chain&#8217;s mobile app.<\/a><\/p>\n<p>The chain is Tim Hortons, one of this country&#8217;s biggest coffee outlets, which has over 5,000 stores around the world including 630 in the U.S.<\/p>\n<p>Last week the office of Canada&#8217;s federal privacy commissioner published a blog that looked back at the report&#8217;s findings, which confirmed that the Tim Hortons mobile app tracked users even when it was closed.<\/p>\n<p>The column offered advice that I think many organizations should remember:<\/p>\n<p><strong>&#8212;<\/strong>when developing a mobile app think whether a reasonable person would see your purposes for collecting or disclosing user data to be appropriate in the circumstances;<\/p>\n<p><strong>&#8212;<\/strong>ask for express consent before collecting, using or disclosing data that is likely to be considered sensitive. Which includes geolocation data. And, by the way, that&#8217;s asking for express consent, not implied consent;<\/p>\n<p><strong>&#8212;<\/strong>provide customers and users with a clear and prominent explanation about key elements of your privacy practices. That includes what data will be collected, whether the app will continue to collect data when it&#8217;s closed, who data will be shared with and any meaningful risk of harm or other negative consequences that could result from the collecting of person data;<\/p>\n<p>&#8211;and when your firm transfers data to a third party, make sure that company understands its data protection obligations.<\/p>\n<p>Why worry about proper data collection? Because if you don&#8217;t it could be bad for business. As a result of this investigation there were headlines about the finding, that Tim Hortons had to delete the location data it collected and that it had to tell its third-party service provider to do the same.<\/p>\n<p><a href=\"https:\/\/www.priv.gc.ca\/en\/blog\/20230629_02\/\"  rel=\"noopener\">There&#8217;s a link to the full column here.<\/a><\/p>\n<p>Remember links to details about podcast stories are in the text version at <em>ITWorldCanada.com.<\/em> That\u2019s where you\u2019ll also find other stories of mine.<\/p>\n<p>Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.<\/p>\n<p>The post <a href=\"https:\/\/www.itworldcanada.com\/article\/cyber-security-today-july-5-2023-advice-to-firms-on-the-right-way-to-collect-personal-data\/542209\">Cyber Security Today, July 5, 2023 \u2013 Advice to firms on the right way to collect personal data<\/a> first appeared on <a href=\"https:\/\/www.itworldcanada.com\/\">IT World Canada<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A look back at Canadian privacy commissioners&#8217; report into problems with the Tim Hortons<\/p>\n","protected":false},"author":17,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[360,361,16],"tags":[389],"class_list":["post-39552","post","type-post","status-publish","format-standard","hentry","category-podcasts","category-privacy","category-security","tag-cyber-security-today"],"acf":[],"_links":{"self":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/39552","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/comments?post=39552"}],"version-history":[{"count":2,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/39552\/revisions"}],"predecessor-version":[{"id":39621,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/39552\/revisions\/39621"}],"wp:attachment":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media?parent=39552"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/categories?post=39552"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/tags?post=39552"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}