Security News

The UK Competition and Markets Authority merger inquiry into NortonLifeLock's proposed $8bn acquisition of rival antivirus provider Avast has now closed, with the regulator concluding that a tie-up could indeed reduce competition in the marketplace. "Advanced discussions" concerning a merger of the two security vendors first surfaced in July 2021, when NortonLifeLock investors were told that a combination with Avast "Would bring together two companies with aligned visions, highly complementary business profiles and a joint commitment to innovation that helps protect and empower people to live their digital lives safely."

China's internet regulator, the Cyberspace Administration of China, has taken unusually strong action against a social network that has long been considered a thorn in the side of the nation's elites. In the years since its 2005 founding, the site has become known for attracting users who express opinions that China's government may well find displeasing.

Crypto ATMs offering cryptoasset exchange services in the UK must be registered with [the FCA] and comply with UK Money Laundering Regulations. If you're buying or selling cryptocoins via an existing payment card account or mobile phone payment system, from an ATM in a shopping centre, you'd think that the operation would be at least as trackable as any transaction involving a non-cryptocurrency account, such as a big-money purchase in a department store or luxury brand shop.

The UK's Competition and Markets Authority has invited comments from industry and interested parties about NortonLifeLock's proposed $8bn purchase of fellow infosec outfit Avast. "The CMA is considering whether it is or may be the case that this transaction, if carried into effect, will result in the creation of a relevant merger situation under the merger provisions of the Enterprise Act 2002," it said.

Italy's antitrust regulator has fined both Apple and Google €10 million each for what it calls are "Aggressive" data practices and for not providing consumers with clear information on commercial uses of their personal data during the account creation phase. The Autorità Garante della Concorrenza e del Mercato said "Google and Apple did not provide clear and immediate information on the acquisition and use of user data for commercial purposes," adding the tech companies chose to emphasize the data collection as only necessary to improve their own services and personalize user experience without offering any indication that the data could be transferred and used for other reasons.

US federal bank regulatory agencies have approved a new rule ordering banks to notify their primary federal regulators of significant computer-security incidents within 36 hours. Banks are only required to report major cyberattacks if they have or will likely impact their operations, the ability to deliver banking products and services, or the US financial sector's stability.

US federal bank regulatory agencies have approved a new rule ordering banks to notify their primary federal regulators of significant computer-security incidents within 36 hours. Banks are only required to report major cyberattacks if they have or will likely impact their operations, the ability to deliver banking products and services, or the US financial sector's stability.

Singapore's Personal Data Protection Commission has issued a fine of SG$74,000 on travel company Commeasure, which operates a travel booking website named RedDoorz that exposed 5.9 million customers' data - the largest data breach handled by the Commission since its inception. RedDoorz started life in Indonesia before moving its operations to Singapore, from where it aggregates budget hotel bookings in select Southeast Asian cities.

American Express has been fined 0.009 per cent of its annual profits by the Information Commissioner's Office after spamming people who opted out of its marketing emails with 4.1 million unwanted messages. "Between 1 June 2018 and 21 May 2019, 4,098,841 of those emails were marketing emails, designed to encourage customers to make purchases on their cards which would benefit Amex financially. It was a deliberate action for financial gain by the organisation. Amex also did not review its marketing model following customer complaints," said the ICO in a statement.

You've probably assumed, or at least hoped, when you've handed over data during the pandemic "For the greater good of all", that the company collecting it would treat it with more than the usual amount of care. The ICO noted that immediately below the abovementioned consent checkbox was wording that said, "To comply with Government Guidance during the Covid-19 pandemic, we are collecting your name and contact details. We will store these for 21 days only before deleting them in line with GDPR regulations. Your details will not be shared with any other company or organisation."