In a significant move, Minnesota has successfully passed legislation aimed at safeguarding student privacy regarding educational data. The newly enacted bill, set to take effect from the 2022-23 school year and onwards, establishes crucial guidelines for technology providers involved in contractual agreements with educational institutions.
Under this legislation, it is explicitly stated that technology providers do not have ownership rights over any educational data generated, acquired, or shared through their association with an educational institution. Furthermore, these providers are strictly prohibited from utilizing such data for any commercial purposes, including marketing or advertising.
Minnesota has implemented a state law to govern the usage of drones by law enforcement agencies, as reported by the StarTribune. The legislation explicitly prohibits the deployment of drones for facial recognition purposes or the collection of data at public demonstrations without a valid warrant. Additionally, the law mandates that agencies must provide an annual report on their drone usage and make their drone policies publicly available on their websites. In 2020, the Minnesota Bureau of Criminal Apprehension received reports from 106 agencies regarding their drone activities. This law aims to ensure accountability, transparency, and protection of privacy in law enforcement's drone operations.
According to The Verge, Minneapolis, Minnesota, has enacted an ordinance that prohibits the Minneapolis Police Department and other city agencies from utilizing facial recognition technology. The ban encompasses the use of Clearview AI software. However, there is an appeals process in place, allowing city agencies to request exemptions from the ban. Minneapolis Police Chief Medaria Arradondo expressed his belief that facial recognition technology can be used appropriately while upholding data privacy and other legal protections for citizens. This ban reflects the city's commitment to strike a balance between public safety and safeguarding individual rights in the realm of facial recognition technology.
Minneapolis bans police use of facial recognition
TechCrunch reports that the police in Minneapolis, Minnesota, utilized a geofence warrant to acquire data from Google after racially charged protests turned violent in May. The warrant compelled Google to provide "anonymized" information about account holders within the designated area. Critics argue that geofence warrants capture data of innocent individuals, as exemplified by Said Abdullahi, who received an email from Google notifying him that his information was being shared with the police. Abdullahi, who was merely recording the protests, vehemently denies any involvement in the violence. He criticizes the police for presuming guilt on all individuals present in the area on that day.
Minneapolis police file geofence warrant to identify protestors
KSTP reports that internal documents have revealed a breach in the privacy of COVID-19 patients in Minnesota, as their addresses were compromised. This breach occurred due to an executive order issued by Gov. Tim Walz, a Democrat from Minnesota, which permitted the sharing of patients' addresses with first responders by the state departments of health and public safety. Protocols were established to protect individuals' identities; however, the documents indicate that these protocols were not followed. Disturbingly, emails containing the sensitive information were sent to approximately 193 recipients, likely including all 911 dispatch centers across the state.
According to the StarTribune, Children's Minnesota and Allina Health hospitals and clinics have suffered a significant data breach, ranking as the second-largest healthcare breach in the state's history. The breach occurred as a result of a ransomware attack on Blackbaud. The personal data of over 160,000 patients and donors at Children's Minnesota and more than 200,000 individuals associated with Allina Health has been compromised. Allina Health stated that the exposed data may include names, addresses, and potentially medical information. Meanwhile, Children's Minnesota disclosed that the breached data includes patients' names, birthdates, addresses, phone numbers, as well as medical and treatment details.
Minn. hospitals hit by data breach
NOTE: you might have to subscribe to read full story.
The IAPP (International Association of Privacy Professionals) has received confirmation that its Privacy Law Specialist (PLS) certification has been accredited by the Minnesota Board of Legal Certification, as reported by the IAPP. This approval follows a thorough evaluation of the IAPP's application during the board's monthly meeting held on June 20.
The PLS certification, which is endorsed by the American Bar Association, grants attorneys the right to advertise their specialization in privacy law. This recognition aligns with U.S. legal standards, allowing attorneys certified by a recognized and reputable organization to highlight their expertise in a specific legal domain. Previously, Minnesota was one of 13 states that acknowledged the PLS certification but required additional state accreditation. With this recent approval, Minnesota becomes one of only two states, alongside Alabama, to fully endorse the PLS recognition on their official lists of legal specializations.