Security Affairs

NOVEMBER 26, 2019

The SDK was designed to display ads, experts noticed that once users of the social networks were logged into either service using one of these applications, the SDK silently accessed their profiles to collect information. “No data from Facebook is collected, shared or monetised by MobiBurn,” reads the statement.

Personal data 136

Personal data IT Access Marketing 136

DLA Piper Privacy Matters

MARCH 6, 2023

Authors: Carolyn Bigg , Yue Lin Lee and Daisy Wong Singapore’s Personal Data Protection Commission (“PDPC”) has issued its first decision on the Legitimate Interests Exception under the PDPA. by way of disclosure in its public data protection policy). The PDPC’s decision may be accessed here.

Personal data 52

Personal data Access Risk Data collection 52

DLA Piper Privacy Matters

JUNE 27, 2022

The Italian privacy authority, the Garante, deemed that the use of Google Analytics results in unlawful transfers of personal data to the United States in violation of the principles outlined in the Schrems II ruling. In Order No. The disputed facts. Code § 1881(b)(4), which subjects the company to the surveillance of U.S.

Personal data 98

Personal data Analytics GDPR Privacy 98

IT Governance

OCTOBER 15, 2018

Under the GDPR, all personal data breaches need to be recorded by the organisation and there should be a clear and defined process for doing so. Understanding what constitutes a personal data breach. The ICO defines a personal data breach as. “…a Examples of personal data breaches in schools.

Personal data 78

Personal data Data breaches Data collection GDPR 78

Security Affairs

JULY 19, 2019

Many security experts are warning of the risks of using the popular app, threat actors could be potentially interested in data collected by FaceApp. Poland’s digital affairs ministry is investigating into the app and it is evaluating the security risks posed by FaceApp to the personal data of its users.

Data collection 83

Data collection Privacy Risk Personal data 83

Hunton Privacy

FEBRUARY 9, 2024

In 2024, the CNIL will focus its investigations on the following priority topics: Data Collection for the Olympic and Paralympic Games. The CNIL also will look into data collection in the context of the ticketing services and the use of such data for commercial purposes. Data of Minors. Right of Access.

Data collection 74

Data collection Personal data Privacy Access 74

Privacy and Cybersecurity Law

JULY 26, 2021

On July 5, 2021, the Italian supervisory authority (“ Garante ”) published an injunction against a company operating a food delivery app (“ Company ”) over the processing of riders’ personal data with respect to the use of algorithms for the management of the orders. Retention period. Security measures in place. The need for a DPIA.

Personal data 52

Personal data GDPR e-Delivery Communications 52

Data Protection Report

FEBRUARY 12, 2019

On 7 February 2019, the German antitrust authority ( Bundeskartellamt , the FCO ) ruled against Facebook combining user personal data from different sources, saying it was exploiting its position as a dominant social media company in violation of the EU data protection laws.

Personal data 40

Personal data Data collection GDPR Marketing 40

Data Protection Report

MAY 21, 2020

On 14 May 2020, the Singapore Ministry of Communications and Information ( MCI ) and the Personal Data Protection Commission of Singapore ( PDPC ) announced a public consultation (the Public Consultation ) on the draft Personal Data Protection (Amendment) Bill (the Draft Bill ) and related amendments to the Spam Control Act ( SCA ).

Personal data 64

Personal data Data breaches Compliance Cybersecurity 64

Data Protection Report

AUGUST 6, 2018

Data protection laws in Asia continue to be introduced and updated. On 22 May 2018, the Thai Cabinet approved in principle a revised draft of Thailand’s first personal data protection act (Draft Act). Thailand currently does not have any specific law regulating data protection. Collection of personal data.

Personal data 40

Personal data Data collection Compliance GDPR 40

The Last Watchdog

JANUARY 9, 2023

A DPIA requires a thorough review of any personal data collected and stored, including who specifically controls the data and who has access at any given time. Paths to compliance.

Data Privacy 210

Data Privacy Compliance Privacy GDPR 210

HL Chronicle of Data Protection

JULY 7, 2020

The Dutch Data Protection Authority (DPA) issued a EUR 830,000 (approximately USD 937,000) fine against the Dutch Credit Registration Bureau (BKR) for violating data subject rights. The fine stems from BKR’s practice of charging fees and discouraging individuals who wanted to access their personal data.

GDPR 112

GDPR Personal data Data collection Access 112

Hunton Privacy

NOVEMBER 1, 2022

The Attorney General’s Office published the CPA Rules in the Colorado Register on October 10, 2022, where the Notice of Proposed Rulemaking, the Statement of Basis, Specific Statutory Authority, and Purpose and the draft CPA Rules are accessible to the public. Right to Request to Exercise Personal Data Rights (Rule 4.02 – Rule 4.07; 6.11).

Privacy 78

Privacy Personal data Data collection Compliance 78

Hunton Privacy

JUNE 23, 2021

On June 17, 2021, Senator Kirsten Gillibrand (D-NY) announced the reintroduction of the Data Protection Act of 2021 (the “bill”), which would create an independent federal agency, the Data Protection Agency, to “regulate high-risk data practices and the collection, processing, and sharing of personal data.”

Personal data 127

Personal data Privacy Data collection Risk 127

Data Protection Report

JULY 12, 2022

In brief, on April 5, 2021, a security researcher contacted Wegmans about a serious flaw the left some of Wegmans’ customers’ personal data available to the public. During its investigation, Wegmans found a second misconfigured container, which was also open to public access.

Passwords 105

Passwords Data collection Personal data Cloud 105

The Guardian Data Protection

AUGUST 6, 2023

Data protection and digital information bill changes wording on which requests for personal data can be refused Individuals’ control over and access to their data is being undermined by a post-Brexit bill that favours big business and “shady” technology companies, a digital rights group has claimed.

Data collection 66

Data collection Personal data Access IT 66

Hunton Privacy

MAY 17, 2023

Unlike the other comprehensive state privacy laws that have been enacted, the FDBR applies to a much narrower subset of entities. Protection of Children in Online Spaces S.B.

Privacy 83

Privacy Personal data Sales Government 83

Data Protection Report

JULY 16, 2020

The terms require users to “consent” to Facebook’s use of personal data, i.e. they are compelled to agree that their personal data may be combined with their personal data from other services within Facebook’s group (e.g. WhatsApp and Instagram), as well as from third party websites.

Personal data 59

Personal data Marketing GDPR Data collection 59

DLA Piper Privacy Matters

OCTOBER 3, 2022

Given data classification and grading are mandatory requirements under the Data Security Law and Personal Information Protection Law, organisations should prioritise understanding their data collected and data processing activities within the coming months. Data classification.

Data collection 98

Data collection Personal data Access Compliance 98

IBM Big Data Hub

APRIL 24, 2024

These are just some examples of how organizations support data privacy , the principle that people should have control of their personal data, including who can see it, who can collect it, and how it can be used. One cannot overstate the importance of data privacy for businesses today.

Data Privacy 85

Data Privacy Privacy GDPR Personal data 85

Data Matters

FEBRUARY 18, 2021

The updated section relates to access to patient medical records by GCP inspectors from European Economic Area ( EEA ) Member States. When collecting and reporting such data, the sponsor should take into account ethical considerations and all applicable laws and regulations, including data protection legislation.

GDPR 121

GDPR Personal data Access Data collection 121

Hunton Privacy

OCTOBER 25, 2022

The bill, which resembles the recently passed California Age-Appropriate Design Code Act , bans certain data collection and targeted advertising and requires data controllers to, among other obligations, assess the impact of their products on children. Notably, the bill would not exclude pseudonymized data from its requirements.

Data Privacy 118

Data Privacy Privacy Personal data Sales 118

Hunton Privacy

JANUARY 24, 2022

On August 17, 2020, NOYB filed 101 identical complaints before 30 European Economic Area (“EEA”) data protection authorities regarding the use of Google Analytics and Facebook Connect by various companies. The complaints related to the question of whether transfers of EU personal data to Google and Facebook in the U.S.

Analytics 83

Analytics GDPR Personal data Data collection 83

IBM Big Data Hub

JANUARY 22, 2024

The General Data Protection Regulation (GDPR) is a European Union (EU) law that governs how organizations collect and use personal data. Any company operating in the EU or handling EU residents’ data must adhere to GDPR requirements. A data subject is the human being who owns the data.

GDPR 86

GDPR Compliance Personal data Privacy 86

IBM Big Data Hub

FEBRUARY 23, 2024

The GDPR puts forth a litany of rules for how organizations in and outside of Europe handle the personal data of EU residents. The details of any organization’s plan to become fully GDPR compliant will vary based on the data the organization collects and what it does with that data.

GDPR 81

GDPR Compliance Personal data Privacy 81

Hunton Privacy

OCTOBER 24, 2022

Clearview AI’s facial recognition technology collects publicly available pictures from online websites, including social media, and extracts images from videos available online. Clearview AI markets access to its image database, which consists of a search engine where a person can be searched by using a picture.

Data collection 72

Data collection Personal data GDPR Marketing 72

Privacy and Cybersecurity Law

JUNE 29, 2020

Digital solutions generally create the risk of law enforcement access to the data they collect. Risk mitigation includes publicly available guidelines to assess law enforcement agencies’ access requests and public transparency reports on how many requests were received, granted or rejected. Risk # 5: Data Monetization.

Privacy 89

Privacy Personal data Data collection Risk 89

Hunton Privacy

FEBRUARY 23, 2023

On February 20, 2023, in the case of Experian Limited v The Information Commissioner , the First-Tier Tribunal in the UK (the “ Tribunal ”) ruled on the ICO’s action to require Experian to make changes to how it processes personal data for direct marketing purposes.

Marketing 64

Marketing Personal data GDPR Privacy 64

Hunton Privacy

NOVEMBER 13, 2020

On November 12, 2020, the European Commission published a draft implementing decision on standard contractual clauses for the transfer of personal data to third countries pursuant to the EU General Data Protection Regulation (“GDPR”), along with its draft set of new standard contractual clauses (the “SCCs”). Key Takeaways.

Personal data 105

Personal data GDPR Data collection Access 105

Hunton Privacy

OCTOBER 5, 2017

Last week, at the 39th International Conference of Data Protection and Privacy Commissioners in Hong Kong, data protection authorities from around the world issued non-binding guidance on the processing of personal data collected by connected cars (the “Guidance”).

Privacy 60

Privacy Personal data Data collection Data Privacy 60

CGI

FEBRUARY 18, 2016

Expectations and opportunities in using bank consumer personal data. A top business priority for banks today is to have a complete 360 degree view of customers through the collection and use of personal data. To effectively manage data, it helps to know how consumers expect their information to be used.

Personal data 40

Personal data Marketing Data collection Cybersecurity 40

Hunton Privacy

DECEMBER 1, 2020

Between June 8, 2018 and April 6, 2019, the CNIL received 15 complaints from individuals relating to the exercise of their data protection rights with affiliates of the Carrefour Group. Loyalty program members’ data had been retained for a period of four years from their last activity.

GDPR 91

GDPR Personal data Data collection Marketing 91

DLA Piper Privacy Matters

JUNE 13, 2022

The s upplementary measures implemented by Google – whether contractual, organizational, or technical – are ineffective against access requests by US intelligence services. The setup of Google Analytics does not prevent the transfer of personal data outside the EU since all personal data collected via Google Analytics is hosted in the US.

Analytics 98

Analytics IT Personal data Encryption 98

Data Protection Report

JANUARY 25, 2022

One aspect of the metaverse that raises privacy concerns is the vast amount of personal data that may be collected on participating individuals. Companies can monitor physiological responses and biometric data such as facial expressions, vocal inflections, and vital signs in real time while participants are in their metaverse.

Privacy 115

Privacy Artificial Intelligence Personal data Data collection 115

The Guardian Data Protection

APRIL 25, 2020

But it’s an uphill battle due to a long history of secrecy and failures to live up to promises on security and privacy of Australians’ data. Only the health officers in your state will be able to access the unencrypted data. All the data will be deleted on the government’s server at the end of the pandemic.

Government 99

Government Data breaches Data collection Privacy 99

DLA Piper Privacy Matters

NOVEMBER 17, 2022

On 14 November 2022, the Office of the Privacy Commissioner for Personal Data (“PCPD”) published two investigation reports for non-compliance of the Personal Data (Privacy) Ordinance (“PDPO”): EC Healthcare’s failure to obtain consent for the use, disclosure, and transfer of patient’s personal data across its group entities; and.

Personal data 52

Personal data Data Privacy Compliance Privacy 52

DLA Piper Privacy Matters

NOVEMBER 16, 2021

The draft Network Data Security Management Regulation (“ Draft Regulation ”) was published for consultation on 14 November 2021, and is very wide-ranging in the compliance areas covered. Time to respond to DSRs: data controllers must respond to data subject requests within 15 working days (as compared to 30 days previously).

Compliance 118

Compliance Personal data Security Risk 118