NIST updates HIPAA cybersecurity resource guide | AHA News – American Hospital Association
There’s More to Consumer Privacy Than Just HIPAA When It Comes to the Healthcare Industry – Morgan Lewis
Never Say Never Again: HHS Signals the Return of HIPAA Audit Program – JD Supra
Senator Calls for FTC, SEC to Hold Data Broker Accountable for Misuse of Geolocation Data
U.S. Senator Ron Wyden (D-OR) has written to the Federal Trade Commission (FTC) and the Securities and Exchange Commission (SEC) calling for action to protect consumers and investors from “the outrageous conduct” of the publicly owned data broker, Near Intelligence Inc. Sen. Wyden launched an investigation of Near Intelligence in May 2023 after a report in The Wall Street Journal revealed that the Wisconsin-based non-profit anti-abortion group, The Veritas Society, had used geolocation data obtained from Near Intelligence to conduct a misinformation campaign targeting women suspected of seeking abortions.
Geolocation data is collected through code incorporated into mobile phone apps. The code receives location data and transfers it, along with other information from the user’s device, to the data broker. The data collected reveals a person’s movements, including visits to sensitive locations such as reproductive health clinics, places of worship, and healthcare providers. The geolocation data can be tied to an individual and reveals how long they were present at a particular location, with the data accurate to within a few meters.
The Veritas Society’s advertising agency, Recrue Media, used Near Intelligence to obtain the geolocation data of individuals who visited Planned Parenthood clinics and used that data for the advertising campaign. Recrue Media conducted the campaign for The Veritas Society from November 2019 through the summer of 2022, when Roe v. Wade was overturned by the Supreme Court’s decision in Dobbs v. Jackson Women’s Health Organization.
Sen. Wyden spoke with Steven Bogue, Co-Founder and Managing Principal of Recrue Media, on May 19, 2023, who revealed that to conduct the targeted campaign, his employees used the Near Intelligence website to geofence Planned Parenthood clinics and parking lots. Individuals who visited any of the 600 Planned Parenthood clinics in 48 states were then targeted. The Veritas Society said that in 2020 alone, it conducted a campaign that served 14.3 million ads to women who had visited abortion clinics, with the ads pushed out to their social media pages on Facebook, Instagram, and Snapchat.
A second investigation by The Wall Street Journal into Near Intelligence revealed in October 2023 that the company had also sold geolocation data to the U.S. government. Near Intelligence had provided the data to a defense contractor, which sold the data to the Defense Department and U.S. intelligence agencies. Sen. Wyden spoke with Near Intelligence’s Chief Privacy Officer, Jay Angelo, who explained that the company did not have the technical capability to prevent customers from targeting individuals who visited sensitive locations. He also confirmed that Near Intelligence had been providing location data to the defense contractor, AELIUS Exploitation Technologies, for three years and that the geolocation data had been collected without user consent. The Near Intelligence website had stated that the data collected would not be provided to governments. Angelo joined Near Intelligence in June 2022 and conducted a review of the company’s practices, which revealed that the company was facilitating the sale of geolocation data to the U.S. government. When the review was concluded, those statements were removed from the website.
Near Intelligence had a particularly bad financial year and has filed for bankruptcy. A statement provided at its December 11, 2023 bankruptcy hearing confirmed that former executives are under criminal investigation and that the SEC has initiated an investigation of the company related to a data breach in France, which involved transferring the data of E.U. citizens to the U.S. government.
The Federal Trade Commission is cracking down on the collection and sale of geolocation data obtained without consent and recently settled a complaint with the data broker X-Mode Social/Outlogic. Sen. Wyden requested that FTC Chair, the Honorable Lina Khan, prevent Near Intelligence from selling off the data it has collected to another company or data broker during the company’s bankruptcy proceedings and ensure that the geolocation and device data it holds is permanently deleted. Sen. Wyden explained that in this instance The Veritas Society conducted a misinformation campaign, but the same geolocation data could be used by right-wing prosecutors in states with abortion bans to prosecute women who visit abortion clinics in states where abortion is legal.
Sen. Wyden also requested that SEC Chair, the Honorable Gary Gensler, expand the SEC’s investigation of Near Intelligence and investigate whether the misleading statements Near Intelligence provided to Congress about whether geolocation data was obtained with users’ consent violated securities laws. “Federal watchdogs should hold [Near Intelligence] accountable for abusing Americans’ private information,” said Sen. Wyden. “And Congress needs to step up as soon as possible to ensure extremist politicians can’t buy this kind of sensitive data without a warrant.”
The post Senator Calls for FTC, SEC to Hold Data Broker Accountable for Misuse of Geolocation Data appeared first on HIPAA Journal.
LEAP, Don’t Run, to Make this YEAR’s Deadline: HIPAA Small Breach Notifications Due February 29 – JD Supra
Harvard Pilgrim Health Care Ransomware Victim Count Rises to 2.6 Million
Harvard Pilgrim Health Care has confirmed that the information of 2,632,275 individuals was compromised in an April 2023 ransomware attack, an increase of 81,353 over the previously reported total. In updated notices submitted to the Attorneys General of California and Maine this month, Harvard Pilgrim Health Care explained that the attack was detected on April 17, 2023, and that action was immediately taken to contain the threat and prevent further unauthorized access to its systems. Law enforcement and regulators were notified, and third-party cybersecurity experts were engaged to assist with the investigation and remediation efforts.
Harvard Pilgrim Health Care said the cybercriminal group behind the attack exfiltrated data from its systems between March 28, 2023, and April 17, 2023. The systems accessed by the attackers were used to service members, accounts, brokers, and providers, and contained names, Social Security numbers, and financial information. Harvard Pilgrim Health Care started notifying the affected individuals on May 23, 2023, and disclosed the breach to media organizations serving all 50 states. On June 15, individual notification letters started to be mailed to the affected individuals. As the investigation progressed, it became clear that other individuals had also been affected. Harvard Pilgrim Health Care has offered complimentary credit monitoring and identity theft protection services to the affected individuals and has implemented additional cybersecurity safeguards to prevent similar breaches in the future.
Coleman Professional Services Inc. Reports Breach of Employee Email Accounts
Coleman Professional Services, Inc., an Ohio-based provider of behavioral health services, has reported a breach of its email environment. On December 14, 2023, Coleman learned that an unauthorized third party had gained access to several employee email accounts. The forensic investigation confirmed the accounts were accessed by an unauthorized third party between September 18, 2023, and October 31, 2023.
The forensic investigation could not confirm whether any patient data was viewed or acquired, but the review of the affected accounts confirmed that they contained the protected health information of 51,889 individuals. The types of information exposed varied from individual to individual and may have included first and last names, dates of birth, Social Security numbers, driver’s license numbers, financial information, and, in some cases, health information. Identity theft protection services have been offered to the affected individuals. Coleman has also taken additional steps to prevent unauthorized individuals from accessing its employee email accounts.
North Hill Communities Report Cyberattack and Data Breach
North Hill, including North Hill Communities, Inc., North Hill Home Health Care, Inc., North Hill Needham, Inc., Connected for Life, Inc., and the North Hill Employee Dental Plan, has confirmed that the personal and protected health information of up to 4,798 individuals was potentially compromised in a December 2023 cyberattack.
The attack was detected on December 26, 2023, and the forensic investigation confirmed that the network had been compromised by an unauthorized third party on December 19, 2023. North Hill said it was not possible to determine whether personal or protected health information was accessed or acquired, but it did determine that the compromised parts of its network contained sensitive data. The exposed data included names in combination with one or more of the following: date of birth, date of death (if applicable), address, Social Security number, phone number, admission date, health insurance information, medical record number, treatment dates, financial account/bank account number, driver’s license number, claims information, and medical information.
North Hill started notifying the affected individuals on February 14, 2023, and is covering the cost of Single Bureau Credit Monitoring/Single Bureau Credit. Additional security detection and monitoring solutions are being implemented to help prevent similar occurrences in the future.
Advarra Inc. Reports Email Account Breach
Advarra Inc., a provider of integrated research compliance solutions, has reported a breach of the personal and protected health information of 4,656 individuals. On October 26, 2023, Advarra identified suspicious activity in an employee email account. The investigation confirmed that a single account was breached on October 25, 2023, and company and personal information in the account was acquired by an unauthorized third party. That information included names and Social Security numbers. Advarra is unaware of any actual or attempted misuse of data but has offered the affected individuals complimentary credit monitoring and identity theft protection services as a precaution.
California AG Agrees $5 Million Settlement with Quest Diagnostics Over Improper Disposal of Waste; Patient Data – HIPAA Journal
California Attorney General Rob Bonta has announced that a $5 million settlement has been agreed with Quest Diagnostics to resolve allegations that it illegally dumped hazardous and medical waste and disposed of the unredacted personal health information of patients in regular trash dumpsters. An investigation into the business practices of Quest Diagnostics involved 30 inspections at four Quest Diagnostics laboratories and several of its patient service centers in the state to determine whether Quest Diagnostics was complying with California’s Hazardous Waste Control Law, Medical Waste Management Act, Unfair Competition Law, and civil laws that prohibit the disclosure of the personal health information of Californians.
The inspections included reviews of the contents of compactors and dumpsters at Quest facilities, which contained hundreds of containers of chemicals, including reagents and bleach, as well as electronic waste and batteries. The dumpsters also contained medical waste such as specimen containers holding blood and urine, hazardous waste such as flammable liquids, solvents, and batteries, and unredacted medical information.
Quest Diagnostics was notified about the findings of the inspections and hired an independent environmental auditor to review its waste disposal policies and procedures, which have now been modified. Staff training on the updated policies and procedures has been provided across its four laboratories and more than 600 patient service centers in the state to ensure full compliance with California laws.
“Quest takes patient privacy and the protection of the environment very seriously and has made significant investments to implement industry best practices to ensure hazardous waste, medical waste, and confidential patient information are disposed of properly,” said a spokesperson for Quest Diagnostics. “These include investing in technologies for treatment of biological waste, secured destruction of patient information, programs to maximize recycling efforts and minimize waste-to-landfill disposal, waste-to-energy recovery of non-recyclable wastes, and enhanced waste audit and inspection measures to ensure continued compliance with applicable laws.”
The settlement includes $3,999,500 in civil monetary penalties, $700,000 in costs, and $300,000 for a Supplemental Environmental Project to support environmental training and enforcement in California, as well as injunctive relief requiring Quest Diagnostics to maintain an environmental compliance program and hire a third-party waste auditor to conduct annual audits and report on its status. The civil monetary penalties will be divided among 10 California counties. The investigation was a collaboration between the office of Attorney General Bonta and the District Attorneys’ offices in Alameda, Los Angeles, Monterey, Orange, Sacramento, San Bernardino, San Joaquin, San Mateo, Ventura, and Yolo counties.
“Quest Diagnostics’ illegal disposal of hazardous and medical waste and patient information put families and communities at risk and endangered our environment,” said Attorney General Rob Bonta. “Let today’s settlement send a clear message that my office will hold corporations, including medical services providers, accountable for violations of state environmental and privacy laws. I appreciate the partnership of the district attorneys’ offices across our state that led to this critical settlement.”
Kaiser Foundation Health Plan Foundation Inc. and Kaiser Foundation Hospitals were also investigated over their waste disposal practices and were similarly found to have improperly disposed of hazardous waste, medical waste, and patient information in violation of state laws. That case was settled for $49 million last September.