Verizon Will Warn Buyers About Tracking Data
Privacy and Data Protection

Computerworld reports that Verizon will put stickers on new mobile phones to warn buyers that their locations may be tracked by their new purchase and that applications (apps) might share this data with third parties. Verizon’s announcement reportedly came as the company disclosed that it stored users’ personally identifying data for seven years, with other telecommunications providers admitting to retention periods of “a few days” to five years.
Computerworld: Verizon to warn cellphone buyers on tracking data (1 May 2011)
(Source: Computerworld)

Google Cognisant of Privacy Criticisms
Privacy and Data Protection

The Australian reports that Google privacy director Alma Whitten has stated that the company has deliberately avoided using some technologies because of possible privacy concerns. Speaking at a seminar for privacy professionals in Sydney, Dr Whitten reportedly cited facial recognition technology as something the company could implement, but would not while transparency and control remained problematic. Dr Whitten also reportedly said that the company did not want to make unilateral decisions on privacy-related matters, and would rather engage with consumer and advocacy groups.
The Australian: Google faces it: privacy on smartphone in focus (3 May 2011)
(Source: The Australian)

Sony Apologises, Reveals Further Breach of Credit Cards
Privacy and Data Protection

Computerworld reports that Sony Electronics has formally apologised for the security breach in which hackers compromised 77 million gamers’ accounts. Sony gaming division head Kaz Hirai reportedly said that the company had taken its PlayStation Network and Qriocity services offline after it discovered the breach on 20 April 2011, and shortly after engaged a specialist company to investigate the breach. According to Computerworld, Sony has appointed a chief information security officer as part of its efforts to ensure such a breach does not happen again. Additionally, the company will reportedly implement “automated software monitoring systems to help guard against future attacks and to spot unusual network activity”.
Computerworld: Sony apologizes, details PlayStation Network attack (1 May 2011)

Reuters reports that Sony has since disclosed that it suffered a second breach, this time affecting nearly 25 million users. The second breach reportedly involved the theft of credit and debit account information of tens of thousands of users across the world. The information was reportedly stolen from Sony’s servers, and an “outdated database” from 2007. Computerworld also reports that some users have claimed to have suffered credit card fraud, and opine that the data breach must be the cause.
Computerworld: PlayStation Network users reporting credit card fraud (1 May 2011)
Reuters: Sony hires firms to clean up after breach (3 May 2011)

Hong Kong Privacy Commissioner for Personal Data (PCPD) Allan Chiang has initiated a compliance check into Sony’s data security measures, as well as a “detailed account of the incident”. The check will ascertain whether Sony had “taken all practicable steps to protect the customer data against hacking”. Mr Chiang has also warned users to be alert for identity theft scams.
Hong Kong PCPD’s media release (28 April 2011)

The Norwegian Datatilsynet has issued advice on the breach, including the possible consequences and what people can do to protect themselves against identity theft. Alberta, Canada Information and Privacy Commissioner Frank Work has also announced that he will not investigate the matter, but warned people to change their passwords and maintain vigilance in case of phishing emails.
Norwegian Datatilsynet’s media release (28 April 2011 – Norwegian language version available only)
Alberta, Canada Information and Privacy Commissioner’s media release (29 April 2011)
(Source: Computerworld; Reuters; Hong Kong PCPD; Norwegian Datatilsynet; Alberta, Canada Information and Privacy Commissioner)

Toyota Electric Could Pay US$25 Billion in Compensation
Corporate Responsibility and Sustainability, Health, Safety and Environment, Other

Reuters reports that Tokyo Electric Power (Tokyo Electric) and other firms may be required to bear the cost of compensation for damages arising from its nuclear power plant, estimated at 4 trillion yen. Reportedly, the government, along with Tokyo Electric and creditor banks have, drafted a scheme “that would allow the utility to cope with the bill of compensating those displaced by the crisis at its Fukushima Daiichi plant”. The plan reportedly requires Tokyo Electric to pay 2 trillion yen in compensation over a ten year period. Kansai Electric Power and seven other nuclear plant operators are reportedly expected to pay the other half of the 400 billion yen annual bill.
Reuters: Tokyo Electric may face $25 billion in liabilities: report (3 May 2011)
(Source: Reuters)

BP Fined US$25 Million for Oil Spill
Corporate Responsibility and Sustainability, Health, Safety and Environment

The US Department of Justice (DoJ) has announced that BP Exploration Alaska (BP Alaska) has agreed to pay US$25 million in penalties for the Alaskan North Slope oil spill and will also implement a pipeline integrity management program as part of the agreement. Investigators from the Environment Protection Authority and the Pipeline and Hazardous Materials Safety Administration (PHMSA) found that BP Alaska’s failure to adequately inspect and maintain the pipeline led to the oil spill. The PHMSA had issued a corrective notice to BP Alaska, however the company did not comply with the terms.
DoJ’s media release (3 May 2011)

Related news item:
New York Times (NYT): Shell Tries to Calm Fears on Drilling in Alaska (1 May 2011)
(Source: DoJ; NYT)