DLA Piper Privacy Matters

AUGUST 1, 2023

On 18 July 2023, Singapore’s Personal Data Protection Commission (“ PDPC ”) issued for public consultation a set of proposed guidelines for the use of personal data in AI recommendation and decision systems (“ Proposed Guidelines ”). This also extends to data sharing within company groups for these purposes.

Personal data 98

Personal data Artificial Intelligence B2B Government 98

Hunton Privacy

JANUARY 20, 2022

On January 12, 2022, the French Data Protection Authority (the “CNIL”) published guidelines on the re-use of personal data by data processors for their own purposes (such as product improvement or the development of new products and services) under the EU General Data Protection Regulation (“GDPR”) (the “Guidelines”).

Personal data 135

Personal data GDPR Encryption IT 135

Data Protection Report

APRIL 5, 2023

The alleged GDPR infringements: The Garante apparently took its action after becoming aware of a recent data breach at ChatGPT, where users’ chat titles and payment information was exposed. A failure to do so could result in Open AI being issued with a fine.

Personal data 109

Personal data GDPR Data breaches Privacy 109

Data Protection Report

MARCH 15, 2024

The judgment of the ECJ is unsurprising given previous case law on the definitions of “personal data” and “controller” under the GDPR and the ECJ’s emphasis that the overarching objective of the GDPR is to “[ ensure] a high level of protection of the fundamental rights and freedoms of natural persons ”.

Personal data 73

Personal data GDPR Access Compliance 73

Data Protection Report

FEBRUARY 16, 2024

The right of access to personal data looks set to be a key focus area for data protection regulators for 2024 in both the EU and the UK. The European Data Protection Board (EDPB) announced that its 2024 co-ordinated enforcement action will look at how controllers implement the right of access to personal data.

Personal data 57

Personal data Access IT 57

DLA Piper Privacy Matters

OCTOBER 21, 2022

Indonesia’s long-awaited Personal Data Protection Law (“PDPL”) finally came into force on 17 October 2022, helpfully consolidating and clarifying the personal data protection framework in Indonesia. Data Protection Officer (DPO). Overseas Data Transfers. The law is primarily consent-based.

Personal data 98

Personal data Compliance Risk Access 98

Data Protector

JULY 22, 2022

In August 2013 the European Commission introduced new rules to require Communication Service Providers to report all personal data breaches, no matter how minor, to local data protection regulators within 24 hours of the incident being detected [Art 2]. Reporting delays would result in providers being subject to ICO fines.

Personal data 120

Personal data Data breaches Communications IT 120

Data Protection Report

JANUARY 16, 2024

On 25 December 2023, the Personal Data Protection Committee ( PDPC ) published two notifications detailing regulations for cross-border transfers of personal data under Sections 28 and 29 ( Notifications ) of the Personal Data Protection Act B.E. 2562 (2019) ( PDPA ). What is next?

Personal data 57

Personal data IT Security Privacy 57

Data Breach Today

NOVEMBER 24, 2020

Exposure Comes as Ireland Probes Facebook's Handling of Children's Data For at least a month, Instagram leaked the email addresses of minors, which occurred as Ireland's Data Protection Commission probed whether its parent company, Facebook, failed to protect children's personal data. Facebook has fixed the issue.

IT 332

IT Personal data 332

Data Protection Report

MARCH 28, 2023

In a recent decision (the Decision ), [1] the Personal Data Protection Commission ( PDPC ) considered for the first time a company’s reliance on the Legitimate Interests Exception (as defined below) under the Personal Data Protection Act 2012 ( PDPA ) when the consent procured is invalid.

Personal data 98

Personal data Risk Access IT 98

Data Protection Report

MARCH 25, 2024

On 1 March 2024, Singapore’s Personal Data Protection Commission ( PDPC ) issued the Advisory Guidelines on the Use of Personal Data in AI Recommendation and Decision Systems ( AI Advisory Guidelines ). It does not discuss the use of personal data in the context of generative AI ( GenAI ) solutions.

Personal data 44

Personal data B2C B2B Data collection 44

DLA Piper Privacy Matters

AUGUST 4, 2022

On 3 August, the Indian Central Government withdrew the Personal Data Protection Bill, 2019 ( PDP Bill ). The PDP Bill, which has drawn criticism from both privacy advocates and industry stakeholders, was first published in 2018 and was to be India’s first law on the protection of personal data.

Personal data 97

Personal data Government Privacy IT 97

Security Affairs

APRIL 11, 2021

An SQL database containing the personal data of 1.3 Researchers from Cyber News have discovered that the personal data of 1.3 million Clubhouse users was leaked online days after LinkedIn and Facebook also suffered data leaks. The post Personal data of 1.3 million scraped Clubhouse user records.

Personal data 139

Personal data Phishing Authentication Passwords 139

The Guardian Data Protection

NOVEMBER 21, 2022

In high court case that could set precedent for millions, Tanya O’Carroll alleges owner Meta is breaking UK data laws A human rights campaigner is suing Facebook’s owner in the high court, claiming the company is disregarding her right to object against the collection of her personal data.

Personal data 96

Personal data IT Privacy Security 96

The Guardian Data Protection

FEBRUARY 12, 2018

Firm to appeal decision by Berlin regional court which upholds complaints that users not given informed consent Facebook’s default privacy settings and use of personal data are against German consumer law, according to a judgement handed down by a Berlin regional court. Continue reading.

Personal data 223

Personal data Privacy GDPR IT 223

Security Affairs

NOVEMBER 26, 2019

Twitter is aware that the malicious SDK was used to access personal data for at least some Twitter account using Android devices, while it has no evidence that the iOS version of this malicious SDK was used in the same way. “No data from Facebook is collected, shared or monetised by MobiBurn,” reads the statement.

Personal data 136

Personal data IT Access Marketing 136

Data Protection Report

FEBRUARY 28, 2020

The Personal Data Protection Act B.E. However, most of the operational provisions, including provisions relating to the rights of a data subject, the obligations of a data controller and the penalties for non-compliance, will become effective on 27 May 2020, 1 year after the PDPA is published. Definition of Personal Data.

Personal data 91

Personal data Compliance Privacy Access 91

Hunton Privacy

JULY 18, 2023

Palazzi from Allende & Brea in Argentina reports that on June 30, 2023, the Argentine Executive Branch sent the new proposed Personal Data Protection Bill (the “Bill”) to the National Congress for consideration. 25,326 of 2000). It is expected to be discussed during the end of 2023 and next year.

Personal data 52

Personal data GDPR Privacy Data Privacy 52

Data Protector

OCTOBER 16, 2020

The existing list of special category data, which has its origins in the types of characteristics that were used in the last century to discriminate against minority groups, does not properly reflect today’s values. Some countries have extended their lists of special category data beyond those set out in European law.

Personal data 156

Personal data GDPR IT Privacy 156

Data Breach Today

JUNE 12, 2018

HR Software Provider Says Names, Addresses, Emails and Phone Numbers Exposed PageUp, an HR software developer based in Australia, is warning that malware-wielding attackers may have accessed a raft of personal data stored in the company's systems.

Personal data 113

Personal data Data breaches Access IT 113

Hunton Privacy

AUGUST 5, 2021

On August 2, 2021, the Italian Data Protection Authority ( Garante per la protezione dei dati personali , “Garante”) announced that it had levied a €2,500,000 fine on Deliveroo Italy s.r.l. Deliveroo was given a period of 60 days to correct the violations, and an additional period of 90 days to correct those related to the algorithm it uses.

Personal data 105

Personal data GDPR IT 105

DLA Piper Privacy Matters

MARCH 1, 2022

Meanwhile, a sometimes popular (mis)conception is that data protection laws – and particularly the GDPR – are a barrier to the effective use of personal data for research. The implication was that data controllers did not fully understand, and therefore were not effectively making use of, the research provisions.

Personal data 104

Personal data GDPR Data collection Archiving 104

IT Governance

NOVEMBER 17, 2020

Under the GDPR (General Data Protection Regulation) , all personal data breaches must be recorded by the organisation and there should be a clear and defined process for doing so. In this blog, we take a look at the scenarios in which data protection breaches in schools must be reported. When must breaches be reported?

Personal data 105

Personal data Data breaches Data collection GDPR 105

Data Protection Report

FEBRUARY 25, 2020

Outbreak of the coronavirus and personal data privacy. There have been several data breach incidents which have given rise to concerns over privacy and potential discrimination against people from Wuhan and Hubei Province. Highlights of the CAC Circular.

Personal data 133

Personal data Big data Data Privacy Data breaches 133

IT Governance

AUGUST 19, 2021

T-Mobile has said that it has been hit by a “highly sophisticated cyberattack” that compromised the personal data of more than 7.8 In a statement , it confirmed that the stolen data included US customers’ full names, dates of birth, Social Security numbers and ID information. million customers.

Personal data 105

Personal data Data breaches Government Access 105

Security Affairs

JANUARY 27, 2023

A Dutch hacker who was arrested at the end of last year claims to have stolen the personal data of almost all Austrians. At the end of November 2022, the Amsterdam police arrested a 25-year-old man from Almere who is suspected of having stolen or traded the personal data of tens of millions of people around the world.

Personal data 86

Personal data Archiving Phishing Security 86

Thales Cloud Protection & Licensing

AUGUST 29, 2023

The UK and the US Build a ‘Data Bridge’ to Facilitate Personal Data Movements andrew.gertz@t… Tue, 08/29/2023 - 13:41 Modern-day business transactions heavily rely on international data transfers. The new “data bridge” would extend the EU-US Data Privacy Framework. How do Businesses Comply with GDPR?

Personal data 62

Personal data Data Privacy Privacy GDPR 62

Thales Cloud Protection & Licensing

FEBRUARY 1, 2023

How to Address the Requirements of Personal Data Protection (PDP) Law of Indonesia divya Thu, 02/02/2023 - 06:35 In response to the increased number of attacks targeting the personal data of millions of Indonesian citizens, the government passed the first Personal Data Protection (PDP) Law in 2022.

Personal data 71

Personal data Encryption Data breaches Authentication 71

DLA Piper Privacy Matters

MAY 23, 2023

Vietnam’s long-awaited, first-ever Personal Data Protection Decree (“ PDPD ”) has finally been passed and is scheduled to take effect from 1 July 2023 (save limited grace period exceptions). The most notable provisions of the PDPD relate to the compliance requirements in general processing and cross-border transfers of personal data.

Personal data 52

Personal data Compliance Data Privacy Data breaches 52

Data Protection Report

FEBRUARY 1, 2021

On 29 January 2021, the Personal Data Protection Commission ( PDPC ) announced that certain sections of the Personal Data Protection (Amendment) Act 2020 (the PDPA Amendments ) will take effect from 1 February 2021 – please see PDPC’s announcement here ; the gazetted Commencement Notification here.

Personal data 98

Personal data Data breaches Authentication IT 98

Data Breach Today

MAY 21, 2019

Email Addresses, Phone Numbers for 49 Million People Potentially Exposed There's been a potential leak of personally identifiable information from Instagram, but it's not clear yet whether the data on 49 million users came directly from the social media company.

Personal data 212

Personal data Passwords IT 212

DLA Piper Privacy Matters

APRIL 11, 2022

Given these higher financial penalties, organisations collecting, using or disclosing personal data in Singapore are recommended to carefully review their existing data protection programmes and processes to ensure compliance with the PDPA. of personal data); and. the Transfer Limitation Obligation (i.e.

Personal data 97

Personal data Compliance Cybersecurity Government 97

Hunton Privacy

MAY 14, 2020

Pakistan’s Ministry of Information Technology and Telecommunication recently introduced a new draft of Pakistan’s Personal Data Protection Bill, 2020 (the “Bill”) and launched a public consultation regarding the same. In addition, personal data may not be transferred to any unauthorized person or system.

Personal data 81

Personal data Data breaches Access Risk 81

Hunton Privacy

JANUARY 15, 2021

On December 16, 2020, the Committee of Experts within India’s Ministry of Electronics and Information Technology (MeitY) (the “Committee”) issued a revised report on the Non-Personal Data Governance Framework (the “NPDF”) for India (the “Revised Committee Report”).

Personal data 68

Personal data Government Privacy IT 68

Hunton Privacy

MAY 29, 2020

The implementation of Thailand’s Personal Data Protection Act B.E. If any data controller is unsure as to whether it falls within the scope of those listed in the Royal Decree as being exempt from compliance with the PDPA until May 31, 2021, it may seek advice from the Personal Data Protection Committee.

Personal data 84

Personal data Compliance Insurance IT 84

KnowBe4

JULY 11, 2022

A recent phishing scam impersonating the Heineken beer brand demonstrates how very little effort is needed by scammers to convince victims to give up all kinds of personal information.

Personal data 95

Personal data Phishing IT Data breaches 95