Security Affairs

MARCH 4, 2024

Consumer groups assert that Meta is not adhering to various rules established by the European privacy regulation GDPR: Fair Processing (Article 5(1)(a)): Personal data must be processed lawfully, fairly, and transparently. Consumer groups claim that Meta’s data collection is unfair and lacks transparency.

Privacy 120

Privacy GDPR Personal data Data collection 120

DLA Piper Privacy Matters

MARCH 6, 2023

Authors: Carolyn Bigg , Yue Lin Lee and Daisy Wong Singapore’s Personal Data Protection Commission (“PDPC”) has issued its first decision on the Legitimate Interests Exception under the PDPA. In the PDPC’s preliminary decision, RedMart was given directions to assess its collection of the ID Photographs.

Personal data 52

Personal data Access Risk Data collection 52

The Last Watchdog

JANUARY 9, 2023

As the world becomes more digital and connected, it is no surprise that data privacy and security is a growing concern for small to medium sized businesses — SMBs. Related: GDPR sets new course for data privacy. It should be no surprise that data security regulations are on the rise. Scarce resources.

Data Privacy 210

Data Privacy Compliance Privacy GDPR 210

DLA Piper Privacy Matters

JUNE 27, 2022

The Italian privacy authority, the Garante, deemed that the use of Google Analytics results in unlawful transfers of personal data to the United States in violation of the principles outlined in the Schrems II ruling. In Order No. The disputed facts. The key points of the Garante’s decision on Google Analytics.

Personal data 98

Personal data Analytics GDPR Privacy 98

Hunton Privacy

FEBRUARY 9, 2024

On February 8, 2024, the French Data Protection Authority (the “CNIL”) announced the priority topics for its inspections in 2024. In 2024, the CNIL will focus its investigations on the following priority topics: Data Collection for the Olympic and Paralympic Games. Loyalty Programs and Electronic Till Receipts.

Data collection 74

Data collection Personal data Privacy Access 74

The Last Watchdog

JULY 27, 2020

It took a global pandemic and the death of George Floyd to put deep-seated social inequities, especially systemic racism, front and center for intense public debate. Related: Will ‘blockchain’ lead to more equitable wealth distribution? This is not just my casual observation. It’s more profound than fire or electricity.”

IT 304

IT Government Artificial Intelligence Personal data 304

Privacy and Cybersecurity Law

JULY 26, 2021

On July 5, 2021, the Italian supervisory authority (“ Garante ”) published an injunction against a company operating a food delivery app (“ Company ”) over the processing of riders’ personal data with respect to the use of algorithms for the management of the orders. Security measures in place. Retention period.

Personal data 52

Personal data GDPR e-Delivery Communications 52

Security Affairs

NOVEMBER 23, 2022

Researchers discovered that analytics data associated with iPhone include Directory Services Identifier (DSID) that could allow identifying users. Researchers at software company Mysk discovered that analytics data collected by iPhone include the Directory Services Identifier (DSID), which could allow identifying users.

Analytics 141

Analytics Privacy Personal data Data collection 141

DLA Piper Privacy Matters

NOVEMBER 16, 2021

The draft Network Data Security Management Regulation (“ Draft Regulation ”) was published for consultation on 14 November 2021, and is very wide-ranging in the compliance areas covered. Organisations are reminded of the need to register with the CAC within 15 working days of identifying “important data”.

Compliance 118

Compliance Personal data Security Risk 118

The Last Watchdog

MAY 26, 2021

Every year, the first Thursday in May serves as a reminder for us to take control of our personal password strategies. With that in mind, what steps can you take to ensure that your personal data is protected at all times? But, unfortunately, we live in a world of constant hacking attempts and security breaches.

Passwords 182

Passwords Security Authentication Paper 182

Schneier on Security

APRIL 24, 2024

I argue that privacy consent should confer less legitimacy and power and that it be backstopped by a set of duties on organizations that process personal data based on consent. As to privacy, consent authorizes and legitimizes a wide range of data collection and processing. Express consent cannot scale.

Privacy 104

Privacy Personal data GDPR Data collection 104

Data Protection Report

JANUARY 20, 2020

2019 saw continued growth and change in data protection and cyber-security across the Asia-Pacific. Following the implementation of the GDPR in May, 2018, many jurisdictions moved to review and strengthen existing data privacy and cyber-security laws. million patients.

Personal data 128

Personal data Security Data Privacy GDPR 128

Hunton Privacy

JUNE 25, 2020

Establishments and companies in the UK will therefore be responsible for the additional collection and potential sharing of customers’ personal data. Any entity engaging in this kind of data collection will need to comply with the requirements of data protection law.

Data collection 98

Data collection Personal data Compliance Retail 98

Hunton Privacy

JULY 14, 2022

Wegmans”) in connection with a cloud storage security issue. The NYOAG alleges that Wegmans exposed the personal information of three million consumers by storing the data in misconfigured cloud storage containers. As a result, the NYOAG alleges Wegmans violated New York data security and consumer protection laws.

Cloud 105

Cloud Security Passwords Data collection 105

Krebs on Security

DECEMBER 20, 2022

In 2017, Equifax disclosed a massive, extended data breach that led to the theft of Social Security Numbers, dates of birth, addresses and other personal information on nearly 150 million people. One reader’s copy of their Equifax Breach Settlement letter. One reader’s copy of their Equifax Breach Settlement letter.

Data breaches 250

Data breaches Data collection Paper Personal data 250

Hunton Privacy

OCTOBER 27, 2022

On October 24, 2022, the Federal Trade Commission announced a proposed consent order with Drizly, an online alcohol ordering and delivery service, and the company’s CEO, for the alleged failure to maintain appropriate security safeguards that led to a data breach that affected 2.5 million consumers’ personal information.

Security 64

Security Information Security IT Data collection 64

Security Affairs

SEPTEMBER 26, 2023

The BORN funded by the government of Ontario disclosed a data breach that impacts some 3.4 BORN Ontario hired cybersecurity experts to mitigate the threat, secure its infrastructure, and investigate the scope of the incident. Nuance launched an investigation into the incident with the help of cyber security experts and a law firm.

Data breaches 120

Data breaches Ransomware Data collection Cybersecurity 120

IBM Big Data Hub

JANUARY 22, 2024

The General Data Protection Regulation (GDPR) is a European Union (EU) law that governs how organizations collect and use personal data. Any company operating in the EU or handling EU residents’ data must adhere to GDPR requirements. A data subject is the human being who owns the data.

GDPR 83

GDPR Compliance Personal data Privacy 83

Data Protection Report

JULY 12, 2022

In brief, on April 5, 2021, a security researcher contacted Wegmans about a serious flaw the left some of Wegmans’ customers’ personal data available to the public. The NYAG faulted Wegmans on five security areas: access controls, password management, asset management, logging and monitoring, and data collection and retention.

Passwords 105

Passwords Data collection Personal data Cloud 105

Hunton Privacy

NOVEMBER 1, 2022

Right to Request to Exercise Personal Data Rights (Rule 4.02 – Rule 4.07; 6.11). The proposed regulation provides the people of Colorado with a mechanism to protect their personal data rights by making requests directly to data controllers, or businesses who control their personal data.

Privacy 78

Privacy Personal data Data collection Compliance 78

HL Chronicle of Data Protection

JULY 7, 2020

The Dutch Data Protection Authority (DPA) issued a EUR 830,000 (approximately USD 937,000) fine against the Dutch Credit Registration Bureau (BKR) for violating data subject rights. The fine stems from BKR’s practice of charging fees and discouraging individuals who wanted to access their personal data.

GDPR 112

GDPR Personal data Data collection Access 112

eSecurity Planet

MAY 19, 2023

Application security tools and software solutions are designed to identify and mitigate vulnerabilities and threats in software applications. Their main purpose is to protect applications from unauthorized access, data breaches, and malicious attacks.

Security 104

Security Cloud Compliance Risk 104

HL Chronicle of Data Protection

JUNE 13, 2019

On May 28, 2019, the Cyberspace Administration of China (“ CAC “) released the draft Measures on the Administration of Data Security (“ Data Security Measures ” see our in-house English translation here ) for public consultation. The scope of application of the Data Security Measures.

Personal data 40

Personal data IT Data collection Compliance 40

Hunton Privacy

MAY 17, 2023

Related Statutory Amendments in S.B. 262 In addition to the FDBR, S.B. 262 also contains provisions relating to government moderation of social media and protection of children in online spaces. Government Moderation of Social Media S.B.

Privacy 83

Privacy Personal data Sales Government 83

IBM Big Data Hub

FEBRUARY 23, 2024

The GDPR puts forth a litany of rules for how organizations in and outside of Europe handle the personal data of EU residents. The details of any organization’s plan to become fully GDPR compliant will vary based on the data the organization collects and what it does with that data.

GDPR 77

GDPR Compliance Personal data Privacy 77

The Last Watchdog

OCTOBER 17, 2022

This increased demand for apps also raises the need for improved data protection measures, which Google took steps to address with the new data safety section they launched in July 2022. It turns out that free apps share the most user information, a staggering 7 times more data points than paid apps. Greediest data harvesters.

Privacy 192

Privacy Data Privacy Personal data Data collection 192

The Guardian Data Protection

AUGUST 6, 2023

Data protection and digital information bill changes wording on which requests for personal data can be refused Individuals’ control over and access to their data is being undermined by a post-Brexit bill that favours big business and “shady” technology companies, a digital rights group has claimed. Continue reading.

Data collection 66

Data collection Personal data Access IT 66

DLA Piper Privacy Matters

MARCH 24, 2021

Issues to be addressed include: Data privacy: compliant privacy notices/consents must be given to/obtained from customers using or buying via e-commerce or livestreaming platforms, sites, apps and services on or before collection or use of personal data, including appropriate direct marketing opt-ins and unsubscribe functions.

Personal data 111

Personal data Data Privacy Marketing Compliance 111

Hunton Privacy

FEBRUARY 2, 2022

On January 28, 2022, in celebration of Data Privacy Day, the Colorado Attorney General’s Office issued prepared remarks from Colorado Attorney General Phil Weiser and published guidance on data security best practices. Regularly reviewing and updating security policies.

Privacy 102

Privacy Security Data breaches Ransomware 102

Hunton Privacy

MAY 10, 2021

On May 6, 2021, Google announced that beginning in the second quarter of 2022, mobile app developers submitting new apps and app updates to the Google Play store will be required to disclose certain information regarding their apps’ data collection, use, sharing and security practices, as well as provide a privacy policy for their apps.

Privacy 112

Privacy Data Privacy Security Data collection 112

DLA Piper Privacy Matters

APRIL 8, 2019

This fragmentation has, unsurprisingly, lead to a heavy administrative burden for the secondary users of social and health care data by parallel and slow licence procedures with various authorities. The Act complements the GDPR and introduces reinforced data security requirements and strict authorization procedures.

Personal data 68

Personal data GDPR Healthcare Compliance 68

IBM Big Data Hub

APRIL 24, 2024

An online retailer always gets users’ explicit consent before sharing customer data with its partners. A navigation app anonymizes activity data before analyzing it for travel trends. One cannot overstate the importance of data privacy for businesses today. The user can accept or reject each use of their data individually.

Data Privacy 81

Data Privacy Privacy GDPR Personal data 81

Hunton Privacy

NOVEMBER 1, 2021

On October 29, 2021, the Cyberspace Administration of China (“CAC”) released for public comment “Draft Measures on Security Assessment of Cross-border Data Transfer” (“Draft Measures”). or “sensitive” personal information of more than 10,000 individuals; or. Self-Security Assessment. Mandatory Security Assessment.

Security 100

Security Data collection Compliance Risk 100

DLA Piper Privacy Matters

NOVEMBER 17, 2022

On 14 November 2022, the Office of the Privacy Commissioner for Personal Data (“PCPD”) published two investigation reports for non-compliance of the Personal Data (Privacy) Ordinance (“PDPO”): EC Healthcare’s failure to obtain consent for the use, disclosure, and transfer of patient’s personal data across its group entities; and.

Personal data 52

Personal data Data Privacy Compliance Privacy 52

The Guardian Data Protection

JUNE 1, 2021

Senior doctors call on colleagues not to share personal data, in effort to buy time to raise awareness of plans Senior GPs have called on colleagues to refuse to hand over patients’ personal data to NHS Digital, in a move they hope will buy time to raise awareness of plans to place all medical records in England on a central database.

Personal data 98

Personal data Data collection IT Privacy 98

Security Affairs

NOVEMBER 27, 2021

Italy’s antitrust regulator, Autorità Garante della Concorrenza e del Mercato (AGCM), has fined Apple and Google €10 million each their “aggressive” data practices and the lack of transparency on the use of customers’ personal data. ” reads the press release published by the AGCM.

Personal data 106

Personal data Data collection Access Security 106

Security Affairs

APRIL 6, 2023

Phishers also use to share stolen personal data with their subscribers. A package containing features such as 3-D Secure support and support for configuring a phishing website, may cost up to $300. User personal data for sale. Crooks offers data collected through phishing campaign to the subscribers.

Phishing 98

Phishing Sales Archiving Personal data 98