Security Affairs

JANUARY 21, 2023

by the Irish Data Protection Commission (DPC) for violating the General Data Protection Regulation (GDPR). The inquiry concerned a complaint filed by the non-profit organization NOYB – European Center for Digital Rights on 25 May, 2018. The popular messaging app WhatsApp has been fined €5.5m ” reads the DPC’s announcement.

GDPR 90

GDPR Metadata Encryption Communications 90

Schneier on Security

JANUARY 24, 2023

US law enforcement can access details of money transfers without a warrant through an obscure surveillance program the Arizona attorney general’s office created in 2014. Just another obscure warrantless surveillance program. How is it that Arizona can be in charge of this?

Government 88

Government Access Security IT 88

Schneier on Security

AUGUST 1, 2022

The Amazon company responded to an inquiry from US Senator Ed Markey (D-Mass.), Ring, like other surveillance companies that sell directly to the general public, continues to provide free services to the police, even though they don’t have to. Ring recently revealed how often the answer to that question has been yes.

Access 113

Access IT Privacy 113

The Guardian Data Protection

JULY 11, 2018

ICO to fine baby club Emma’s Diary £140,000 for infraction before 2017 general election The Labour party bought data on more than 1 million new and expectant mothers and their children from a leading baby club ahead of the 2017 general election. Related: What triggered the ICO's political data inquiry? Continue reading.

IT 101

IT Privacy 101

Data Matters

OCTOBER 7, 2022

Both the FTC and state Attorneys General are active in enforcing COPPA, and companies can often be caught off guard by government inquiries scrutinizing their compliance. Achieving compliance, however, is not always straightforward, in part due to a lack of clarity in the FTC’s rule and related guidance.

Compliance 88

Compliance Privacy Marketing Government 88

Krebs on Security

JULY 4, 2020

E-Verify’s consumer-facing portal myE-Verify lets users track and manage employment inquiries made through the E-Verify system. A 2015 study by Google titled “ Secrets, Lies and Account Recovery ” (PDF) found that secret questions generally offer a security level that is far lower than just user-chosen passwords.

Passwords 275

Passwords Authentication Insurance Mining 275

Krebs on Security

JANUARY 25, 2022

Jim spent months sorting out that mess with MSF and other potential lenders, but after a while the inquiries died down. SSN or DLN), bank account number and routing number, home address, email address, phone number and other general loan information. The CFPB later dropped that inquiry. Then on Nov. A portion of the Jan.

Financial Services 209

Financial Services IT Data breaches Authentication 209

Security Affairs

MARCH 3, 2023

At the time, NSO Group’s General Counsel Chaim Gelfand admitted that the company had “made mistakes,” but that after the abuses of its software made the headlines it has canceled several contracts.

Government 96

Government IT Security Information Security 96

eSecurity Planet

MARCH 15, 2024

The successful facilitation of responses generally includes these seven steps: Step 1: User Query A user interacts with the tool by entering a cybersecurity-related command or query. It uses ’embedding’ technology to comb through its archive of hacking data and give complete responses suited to the user’s inquiry.

Cybersecurity 96

Cybersecurity Education Privacy Access 96

The Guardian Data Protection

FEBRUARY 17, 2019

The final report of the Digital, Culture, Media and Sport select committee’s 18-month investigation into disinformation and fake news accused Facebook of purposefully obstructing its inquiry and failing to tackle attempts by Russia to manipulate elections.

Privacy 111

Privacy Government IT 111

CILIP

DECEMBER 11, 2023

Now it’s more likely to be in the form of leading KIM support for public inquiries like Grenfell and Covid, all the while contending with new technology and balancing simultaneous demands for corporate transparency and personal privacy. Regulatory load With burgeoning amounts of information and regulation, is the job getting harder? “The

Government 52

Government Libraries Computer and Electronics Information governance 52

Data Protection Report

JANUARY 16, 2024

Therefore, it could be said that both the Adequacy Country Notification and the Appropriate Safeguard Notification mainly replicate the concept of the cross-border transfer of personal data from the General Data Protection Regulation.

Personal data 57

Personal data IT Security Privacy 57

Krebs on Security

DECEMBER 10, 2019

But on balance, my experience so far is that an initial outreach to the top security person in the organization often results in that inquiry being taken far more seriously. And including this person in my initial outreach makes it much more likely that this individual ends up being on the phone when the company returns my call.

Data breaches 139

Data breaches Information Security Cybersecurity Security 139

IBM Big Data Hub

DECEMBER 4, 2023

As part of our generative AI initiatives, we can demonstrate the ability to use a foundation model with prompt tuning to review the structured and unstructured data within the insurance documents (data associated with the customer query) and provide tailored recommendations concerning the product, contract or general insurance inquiry.

Insurance 56

Insurance Digital transformation Compliance Cloud 56

Schneier on Security

JUNE 7, 2021

But the confusing part is footnote 8: For present purposes, we need not address whether this inquiry turns only on technological (or “code-based”) limitations on access, or instead also looks to limits contained in contracts or policies. It’s a good ruling, and one that will benefit security researchers.

Access 70

Access Security IT 70

The Guardian Data Protection

MAY 22, 2019

The statutory inquiry will probe whether Google’s online Ad Exchange violated general data protection regulations (GDPR) covering the sharing of personal data of internet users, the watchdog said in a statement on Wednesday.

Privacy 47

Privacy Personal data GDPR 47

DLA Piper Privacy Matters

APRIL 27, 2023

The assessment of the appropriateness of those measures must be based on a balancing exercise between the interests of the data subject and the economic interests and technological capacity of the controller, in compliance with the general principle of proportionality. 82 (1) GDPR.

Personal data 52

Personal data GDPR Access Data breaches 52

Security Affairs

APRIL 1, 2023

An inquiry into the facts of the case was initiated as well.” If the company will fail to notify Italy’s data protection agency it will be fined up to EUR 20 million or 4% of the total worldwide annual turnover in compliance to the General Data Protection Regulation (GDPR).

Privacy 96

Privacy Personal data GDPR Compliance 96

Data Protection Report

FEBRUARY 2, 2024

An insurer that uses ECDIS should be able to demonstrate that it is “supported by generally accepted actuarial standards of practices and are based on actual or reasonably anticipated experience.” Finally, insurers should implement a procedure to field complaints and inquiries from consumers regarding its use of AIS or ECDIS.

Insurance 76

Insurance Artificial Intelligence Risk Compliance 76

Data Matters

JULY 14, 2022

The Standard Contract Regulation consists of 13 articles which set out the general rules and requirements for companies to legitimize cross-border transfers of personal information based on the standard contract and an accompanying schedule (i.e., Companies have until July 29 to submit their comments and suggestions via email or letter.

Compliance 97

Compliance Risk Data breaches Cybersecurity 97

IT Governance

MARCH 17, 2022

The tech giant, formerly known as Facebook, violated several GDPR (General Data Protection Regulation) requirements, and more than 30 million people have been affected. The DPC began its inquiry in 2018 – shortly after the GDPR took effect – after it received a dozen breach notifications from Facebook.

GDPR 98

GDPR Personal data Encryption Compliance 98

eDiscovery Daily

JANUARY 6, 2022

To get the ball rolling, counsel can prepare a list of general questions: What data types need to be collected? General questions like these build a solid foundation for deeper inquiries and concerns. [1]. How should the scope of discovery be defined? What pace is needed to meet court-established deadlines?

e-Discovery 78

e-Discovery Data preservation Information governance Government 78

Hunton Privacy

JANUARY 20, 2023

On January 4, 2023, the Irish Data Protection Commission (“DPC”) announced the conclusion of two inquiries into the data processing practices of Meta Platforms, Inc. Meta”) with respect to the company’s Instagram and Facebook platforms.

GDPR 55

GDPR Personal data Compliance Privacy 55

Data Matters

JANUARY 12, 2022

While the FINRA Enforcement Department has generally focused on bringing settled actions against registered representatives for off-channel digital communications, FINRA has brought cases of more limited scope under the same theory as the SEC’s December 17 enforcement action. The SEC action may embolden FINRA Enforcement in two ways.

Communications 88

Communications Marketing Compliance Security 88

Krebs on Security

SEPTEMBER 21, 2018

And because each credit inquiry caused by a creditor has the potential to lower your credit score, the freeze also helps protect your score, which is what most lenders use to decide whether to grant you credit when you truly do want it and apply for it. view your credit file).

Insurance 277

Insurance Marketing Military Security 277

Hunton Privacy

MARCH 24, 2021

The Provisions generally are consistent with the draft version previously issued for public comments on December 1, 2020 and include additional details, as well as new provisions relating to ticketing applications ( e.g. , those for purchasing seats at performances).

e-Delivery 92

e-Delivery Sales Education Cybersecurity 92

The Guardian Data Protection

JULY 9, 2019

The Commonwealth Ombudsman has revealed to an inquiry into the encryption act that agencies are already using the powers and called for the home affairs minister Peter Dutton’s ability to censor its reports on the process to be revoked.

Encryption 46

Encryption Metadata Access IT 46

Krebs on Security

JUNE 3, 2020

An exhaustive inquiry published today by a consortium of investigative journalists says a three-part series KrebsOnSecurity published in 2015 on a Romanian ATM skimming gang operating in Mexico’s top tourist destinations disrupted their highly profitable business, which raked in an estimated $1.2 With a street ATM, no so much.

Paper 347

Paper Access Communications Marketing 347

Data Matters

NOVEMBER 16, 2017

Corporate deals often covered the risk with a general compliance with law representation, and companies provided notice of data breaches 30, 45 or more days after the fact. Cybersecurity insurance was a relatively new—and far from prevalent—concept. For example, an FTC complaint recently filed in federal court (Federal Trade Commission v.

Data breaches 60

Data breaches Cybersecurity Risk Compliance 60

Data Matters

SEPTEMBER 6, 2022

The California Attorney General issued its first CCPA fine based on a company’s alleged failure to provide sale opt-outs for third-party advertising cookies and not recognize the Global Privacy Control signal. Just like the original version of CCPA, the Attorney General has sole enforcement powers (e.g.,

Privacy 197

Privacy B2B Sales Compliance 197

Data Matters

JUNE 11, 2018

A data broker that fails to adopt and maintain the specified measures will be in violation of Vermont’s consumer protection laws and subject to enforcement actions by either the Attorney General or by a private citizen by virtue of declaring these violations unfair and deceptive practices or acts under Vermont’s Little FTC Act.

Privacy 60

Privacy Sales Data breaches Personal data 60

Krebs on Security

MARCH 1, 2022

It is also clear from reading these logs that the Russians did little with this information until October 2021, when Conti’s top generals began receiving tips from their Russian law enforcement sources that the investigation was being rekindled. Actually, they are interested in the Trickbot, and some other viruses.

Ransomware 260

Ransomware Government Security IT 260

IT Governance

AUGUST 2, 2018

The ICO (Information Commissioner’s Office) recently issued a fine of £200,000 to the Independent Inquiry into Child Sexual Abuse for incorrectly sending a bulk email to 90 recipients rather than Bcc’ing (blind carbon copy) them in. A key reason for the fine was the lack of knowledge and training of staff relating to sending bulk emails.

GDPR 61

GDPR Data breaches Personal data Risk 61

Security Affairs

APRIL 26, 2022

“According to audiovisual recordings of an A6 presentation reviewed by The Intercept and Tech Inquiry, the firm claims that it can track roughly 3 billion devices in real time, equivalent to a fifth of the world’s population.” government was able to spy on Russian the army before the invasion.

Government 98

Government Access IT Privacy 98

IBM Big Data Hub

DECEMBER 13, 2023

They can send an email to a general support email address where it can be routed to the most appropriate member of the customer support team. And now generative AI has further potential to significantly transform customer and field service with the ability to understand complex inquiries and generate more human-like, conversational responses.

Customer Experience 79

Customer Experience Artificial Intelligence Communications Marketing 79

IT Governance

APRIL 27, 2018

The Information Commissioner’s Office (ICO) has said: “We are aware of a potential data breach in relation to TSB and are making inquiries.”.

Data breaches 83

Data breaches Data migration GDPR Information Security 83

eDiscovery Daily

SEPTEMBER 16, 2019

You didn’t think companies that make a lot of their revenue in online advertising were going to just roll over when Europe’s General Data Protection Regulation (GDPR) was enacted to protect personal information, did you? Apparently not, as this article discusses.

Data Privacy 38

Data Privacy Privacy GDPR Education 38