Expert insights. Personalized for you.
From a global perspective, data protection regulation has moved forward significantly since that time, so a review of the PDPO is timely. MORE
Thousands of customers' credit card numbers, MoviePass card numbers, and sensitive data were left in an unprotected database MORE
A Walmart jewelry partners' misconfigured AWS S3 bucket left personal details and contact information of 1.3 Cloud Security Featured Privacy Web Security AWS AWS S3 Bucket data leak Leaky Bucket personal datamillion customers in plain sight. MORE
A vulnerability in British Airways' e-ticketing system could enable a bad actor to view passengers' personal data or change their booking information. Hacks Vulnerabilities British Airways British airways data breach Data Privacy Data security e-ticketing flaw Encryption MORE
The implementation of Thailand’s Personal Data Protection Act B.E. Those data controllers for whom compliance has been deferred include agencies and operators of prescribed businesses specified in the Royal Decree on Agencies and Businesses Not Subject to the PDPA B.E. MORE
Some third-party apps quietly scraped personal information from people’s accounts from Twitter and Facebook, the social media companies claim. Facebook and Twitter revealed that some third-party apps quietly scraped personal information from people’s accounts without their consent. “No data from Facebook is collected, shared or monetised by MobiBurn,” reads the statement. SecurityAffairs – Twitter, data harversting). MORE
Researchers found it was possible to spoof SMS messages from TikTok and exploit an API flaw that could grant access to users' personal data MORE
But this is a tricky area to navigate, particularly following the General Data Protection Regulation ( GDPR ), since both the ICO and the FCA have started to pay more attention to this area. What are the legal mechanisms to sell or utilise personal data in an insolvency situation? MORE
Data-driven technologies are an inevitable feature of modern political campaigning. All the data-driven methods presented in this guide would not exist without the commercial digital marketing and advertising industry. From analysing behavioural data to A/B testing and from geotargeting to psychometric profiling, political parties are using the same techniques to sell political candidates to voters that companies use to sell shoes to consumers. MORE
A recent experiment found all sorts of personal data left on used laptops and smartphones. This should come as no surprise. Simson Garfinkel performed the same experiment in 2003, with similar results. computersecurity dataloss dataprotection MORE
The Personal Data Protection Act B.E. However, most of the operational provisions, including provisions relating to the rights of a data subject, the obligations of a data controller and the penalties for non-compliance, will become effective on 27 May 2020, 1 year after the PDPA is published. Definition of Personal Data. Person ” means a natural person. When monitoring of data subjects’ behavior is taken place in Thailand. MORE
A database allegedly belonging to Ariix Italia was exposed online on an unsecured Amazon S3 bucket, it includes 30,000+ Italian sales agents’ personal data. The database also contains sales representative enrollment contracts that include personally identifiable information such as full names, addresses, tax identification numbers, and signatures of mostly Italian citizens. As of June 5, the Ariix Italia data bucket has been closed and is no longer accessible. MORE
Now that the EU GDPR (General Data Protection Regulation) has been in effect for over a year, you’ve likely become acquainted with the term ‘personal data’ But what exactly does personal data mean? And did you know that the GDPR includes a sub-category of sensitive personal data that comes with its own requirements? What is personal data? Location data. What is sensitive personal data? MORE
Chancellor Angela Merkel Among the Victims of Massive Hack Attack and Data Leak Hundreds of members of the German parliament, Chancellor Angela Merkel as well as numerous local celebrities have had their personal details and communications stolen and leaked online as part of what authorities are calling an attack on the country's democracy and institutions MORE
An integral part of your EU General Data Protection Regulation (GDPR) compliance project is producing appropriate documentation, which includes a personal data breach notification procedure. What is a personal data breach? The UK Information Commissioner’s Office (ICO) defines a personal data breach as “a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data”. MORE
Australian Bank Says Customer Data Sent to Two Service Providers National Australia Bank says it is contacting 13,000 customers after personal account data was uploaded without authorization to two data service providers. The bank, which apologized, says the data has been deleted and was not disclosed further MORE
In an excellent blog post , Brian Krebs makes clear something I have been saying for a while: Likewise for individuals, it pays to accept two unfortunate and harsh realities: Reality #1: Bad guys already have access to personal data points that you may believe should be secret but which nevertheless aren't, including your credit card information, Social Security number, mother's maiden name, date of birth, address, previous addresses, phone number, and yes even your credit file. MORE
Now that the EU GDPR (General Data Protection Regulation) has been in effect for a couple of months, you’ve hopefully become acquainted with its definition of personal data: “any information relating to an identified or identifiable natural person”. What is personal data? MORE
The Turkish Personal Data Protection Authority fined Facebook $270,000 for the Photo API bug that exposed personal photos of 300,000 Turkish users. The Turkish Personal Data Protection Authority (KVKK) has fined Facebook 1.65 million Turkish lira ($270,000) for the Photo A PI bug that exposed personal photos of 300,000 Turkish users. The post Turkish Personal Data Protection Authority fined Facebook for Photo API bug appeared first on Security Affairs. MORE
Researchers disclosed flaws in Amazon Alexa that could allow attackers to access personal data and install skills on Echo devices. IoT Privacy Vulnerabilities amazon Amazon Alexa Data Privacy flaw personal data vulnerability MORE
Email Addresses, Phone Numbers for 49 Million People Potentially Exposed There's been a potential leak of personally identifiable information from Instagram, but it's not clear yet whether the data on 49 million users came directly from the social media company. MORE
IoT Privacy Data Finance Ford hackett personal data scooter spinFord's CEO sees the tech company model as key to the company's next chapter. MORE
Researchers find more than 1,000 apps in the Google Play store that gather personal data even when the user has denied permission MORE
The leaked data includes photos, videos, and birthdates of babies, as well as 800,000 email addresses, location data as well as detailed device information. . The leaked data was discovered by Dan Ehrlich of the security consulting firm Twelve Security. Data privacy and security come as our priority. Bithouse has yet to comment on the leak or take the leaked data offline. Data Security Data breach Privacy featured elasticsearch data leak peekaboo MORE
Jared Walker of Zasio writes a great blog post on Pandemics and Personal Data. The post Pandemics and Personal Data appeared first on IG GURU. Business Education GDPR IG News Information Governance information privacy Privacy Risk News Sponsored COVID-19 Europe Health Information HIPAA Italy Jared Walker Medical Information Pandemic Singapore Zasio MORE
On 25 May 2018, the EU’s GDPR (General Data Protection Regulation) superseded the UK’s DPA (Data Protection Act) 1998. With the Regulation expanding the definition of personal data, many organisations were uncertain as to what the new definition includes. The scope of personal data. Let’s start with the circumstances under which the processing of personal data must meet the GDPR’s requirements. What constitutes personal data? MORE
CyberNews reported the discovery of an unsecured Amazon S3 bucket containing users’ passports, driver’s licenses and other personal data. What data is in the bucket. With that information, hackers can commit identity theft, including taking out loans or other services in these victims’ names, or simply use the data as part of targeted phishing campaigns. This includes devices that have sensitive data, or devices that control critical administrative functions.”. MORE
As businesses subject to the California Consumer Privacy Act (CCPA) develop and implement policies and procedures to comply with the law, they may want to revisit, or develop an employee personal data protection policy. Why Address an Employee Personal Data Protection Policy Now? MORE
When organisations transfer data, they inevitably compromise its security to some degree. There’s not much organisations can do to eliminate data loss, so the problem becomes how to reduce the damage once the data is exposed? This is a particularly pressing concern with the EU General Data Protection Regulation (GDPR) taking effect this year. Data transfers. Although transferring data is often risky, it’s usually necessary. MORE
Pakistan’s Ministry of Information Technology and Telecommunication recently introduced a new draft of Pakistan’s Personal Data Protection Bill, 2020 (the “Bill”) and launched a public consultation regarding the same. In addition, under the Bill, the federal government would, within six months of coming into force, establish a Personal Data Protection Authority of Pakistan with rulemaking authority to enforce the act. MORE
Outbreak of the coronavirus and personal data privacy. In order to control the outbreak and track the spread of the virus, Chinese health authorities and other stakeholders ranging from airlines, rail operators and property management companies have collected a large amount of personal data, including data on individuals who have recently travelled to Wuhan or who have been in contact with those who have developed symptoms of infection. MORE
Firm to appeal decision by Berlin regional court which upholds complaints that users not given informed consent Facebook’s default privacy settings and use of personal data are against German consumer law, according to a judgement handed down by a Berlin regional court. The court found that Facebook collects and uses personal data without providing enough information to its members for them to render meaningful consent. MORE
Consent Requirement for Collection of Personal Information. In other words, unauthorized parties cannot collect the personal information of data subjects without their consent for the purposes of prevention and control of epidemics and disease. Disclosure of Personal Information. MORE
HR Software Provider Says Names, Addresses, Emails and Phone Numbers Exposed PageUp, an HR software developer based in Australia, is warning that malware-wielding attackers may have accessed a raft of personal data stored in the company's systems. The breach may be the largest to have hit Australia since its mandatory data breach notification law went into effect in February MORE
On July 13, 2020, a Committee of Experts within India’s Ministry of Electronics and Information Technology (“the Committee”) published the first draft of a Non-Personal Data Governance Framework for India for public consultation. In drafting the framework, the Committee studied various issues relating to non-personal data and has put forward recommendations for consideration by the Indian Government on the regulation of non-personal data. MORE
The Federal Emergency Management Agency failed to properly protect the personal information of 2.3 A partially redacted memo issued by the Office of the Inspector General of the Department of Homeland Security stated that FEMA released the personally identifiable information of 2.3 FEMA is no longer sharing unnecessary data with the contractor and has conducted a detailed review of the contractor’s information system. The post FEMA Leaked Personal Data of 2.3 MORE
teeters on the edge of a "no deal" Brexit, the country's information commissioner has warned businesses to prepare, saying that any organization that handles Europeans' personal data must ensure they have a legal transfer arrangement in place for continuing to do so Privacy Watchdog Orders Businesses to Prepare as UK Teeters on Edge of 'No Deal' As the U.K. MORE
The Irish Court of Appeal has clarified the scope of the definition of personal data – noting that, while the definition is deliberately very broad, it does not facilitate access by an individual to reports stemming from a complaint for the sole reason that the complaint was made by that individual. On 1 July 2020, the Court of Appeal issued a judgment in the case Nowak v Data Protection Commissioner. Mr Nowak then submitted a data access request to PwC. Summary. MORE
On May 27, 2019, Thailand’s Personal Data Protection Act B.E. Although now effective, the main operative provisions concerning personal data protection (including requests for data subjects’ consent; collection/use and disclosure of personal data; rights of data subjects; complaints; civil liabilities and penalties) will not come into force until one year after their publication in the Government Gazette ( i.e. , on May 28, 2020). MORE
On June 23, 2020, the German Federal Court of Justice (the Bundesgerichtshof , or “BGH”) issued a decision confirming the enforceability, in preliminary proceedings, of the order of the German Federal Cartel Office (the “ Bundeskartellamt ”) against Facebook’s data practices. On February 2, 2019, the Bundeskartellamt issued an order prohibiting Facebook from combining user data from different sources. Competition law and data protection go hand in hand. MORE
Personal data Related Topics 
Data Breach Today
MAY 21, 2019
Email Addresses, Phone Numbers for 49 Million People Potentially Exposed There's been a potential leak of personally identifiable information from Instagram, but it's not clear yet whether the data on 49 million users came directly from the social media company.
Threatpost
AUGUST 13, 2020
Researchers disclosed flaws in Amazon Alexa that could allow attackers to access personal data and install skills on Echo devices. IoT Privacy Vulnerabilities amazon Amazon Alexa Data Privacy flaw personal data vulnerability
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
InfoGoTo
FEBRUARY 27, 2020
As businesses subject to the California Consumer Privacy Act (CCPA) develop and implement policies and procedures to comply with the law, they may want to revisit, or develop an employee personal data protection policy. Why Address an Employee Personal Data Protection Policy Now?
Data Breach Today
JUNE 12, 2018
HR Software Provider Says Names, Addresses, Emails and Phone Numbers Exposed PageUp, an HR software developer based in Australia, is warning that malware-wielding attackers may have accessed a raft of personal data stored in the company's systems. The breach may be the largest to have hit Australia since its mandatory data breach notification law went into effect in February
Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.
Data Breach Today
JULY 29, 2019
Australian Bank Says Customer Data Sent to Two Service Providers National Australia Bank says it is contacting 13,000 customers after personal account data was uploaded without authorization to two data service providers. The bank, which apologized, says the data has been deleted and was not disclosed further
|
Data Breach Today
FEBRUARY 1, 2019
teeters on the edge of a "no deal" Brexit, the country's information commissioner has warned businesses to prepare, saying that any organization that handles Europeans' personal data must ensure they have a legal transfer arrangement in place for continuing to do so Privacy Watchdog Orders Businesses to Prepare as UK Teeters on Edge of 'No Deal' As the U.K.
Data Breach Today
JANUARY 4, 2019
Chancellor Angela Merkel Among the Victims of Massive Hack Attack and Data Leak Hundreds of members of the German parliament, Chancellor Angela Merkel as well as numerous local celebrities have had their personal details and communications stolen and leaked online as part of what authorities are calling an attack on the country's democracy and institutions
Data Protection Report
JUNE 1, 2020
But this is a tricky area to navigate, particularly following the General Data Protection Regulation ( GDPR ), since both the ICO and the FCA have started to pay more attention to this area. What are the legal mechanisms to sell or utilise personal data in an insolvency situation?
Schneier on Security
MARCH 26, 2019
A recent experiment found all sorts of personal data left on used laptops and smartphones. This should come as no surprise. Simson Garfinkel performed the same experiment in 2003, with similar results. computersecurity dataloss dataprotection
Hunton Privacy
MAY 29, 2020
The implementation of Thailand’s Personal Data Protection Act B.E. Those data controllers for whom compliance has been deferred include agencies and operators of prescribed businesses specified in the Royal Decree on Agencies and Businesses Not Subject to the PDPA B.E.
|
|
Schneier on Security
DECEMBER 6, 2018
In an excellent blog post , Brian Krebs makes clear something I have been saying for a while: Likewise for individuals, it pays to accept two unfortunate and harsh realities: Reality #1: Bad guys already have access to personal data points that you may believe should be secret but which nevertheless aren't, including your credit card information, Social Security number, mother's maiden name, date of birth, address, previous addresses, phone number, and yes even your credit file.
IT Governance
APRIL 10, 2019
On 25 May 2018, the EU’s GDPR (General Data Protection Regulation) superseded the UK’s DPA (Data Protection Act) 1998. With the Regulation expanding the definition of personal data, many organisations were uncertain as to what the new definition includes. The scope of personal data. Let’s start with the circumstances under which the processing of personal data must meet the GDPR’s requirements. What constitutes personal data?
Schneier on Security
APRIL 3, 2019
Data-driven technologies are an inevitable feature of modern political campaigning. All the data-driven methods presented in this guide would not exist without the commercial digital marketing and advertising industry. From analysing behavioural data to A/B testing and from geotargeting to psychometric profiling, political parties are using the same techniques to sell political candidates to voters that companies use to sell shoes to consumers.
Adam Levin
JANUARY 15, 2020
The leaked data includes photos, videos, and birthdates of babies, as well as 800,000 email addresses, location data as well as detailed device information. . The leaked data was discovered by Dan Ehrlich of the security consulting firm Twelve Security. Data privacy and security come as our priority. Bithouse has yet to comment on the leak or take the leaked data offline. Data Security Data breach Privacy featured elasticsearch data leak peekaboo
Data Protection Report
FEBRUARY 28, 2020
The Personal Data Protection Act B.E. However, most of the operational provisions, including provisions relating to the rights of a data subject, the obligations of a data controller and the penalties for non-compliance, will become effective on 27 May 2020, 1 year after the PDPA is published. Definition of Personal Data. Person ” means a natural person. When monitoring of data subjects’ behavior is taken place in Thailand.
DLA Piper Privacy Matters
JULY 21, 2020
The Irish Court of Appeal has clarified the scope of the definition of personal data – noting that, while the definition is deliberately very broad, it does not facilitate access by an individual to reports stemming from a complaint for the sole reason that the complaint was made by that individual. On 1 July 2020, the Court of Appeal issued a judgment in the case Nowak v Data Protection Commissioner. Mr Nowak then submitted a data access request to PwC. Summary.
Hunton Privacy
MAY 14, 2020
Pakistan’s Ministry of Information Technology and Telecommunication recently introduced a new draft of Pakistan’s Personal Data Protection Bill, 2020 (the “Bill”) and launched a public consultation regarding the same. In addition, under the Bill, the federal government would, within six months of coming into force, establish a Personal Data Protection Authority of Pakistan with rulemaking authority to enforce the act.
Hunton Privacy
MAY 30, 2019
On May 27, 2019, Thailand’s Personal Data Protection Act B.E. Although now effective, the main operative provisions concerning personal data protection (including requests for data subjects’ consent; collection/use and disclosure of personal data; rights of data subjects; complaints; civil liabilities and penalties) will not come into force until one year after their publication in the Government Gazette ( i.e. , on May 28, 2020).
Threatpost
NOVEMBER 19, 2018
IoT Privacy Data Finance Ford hackett personal data scooter spinFord's CEO sees the tech company model as key to the company's next chapter.
Hunton Privacy
FEBRUARY 18, 2020
Consent Requirement for Collection of Personal Information. In other words, unauthorized parties cannot collect the personal information of data subjects without their consent for the purposes of prevention and control of epidemics and disease. Disclosure of Personal Information.
Dark Reading
JANUARY 8, 2020
Researchers found it was possible to spoof SMS messages from TikTok and exploit an API flaw that could grant access to users' personal data
HL Chronicle of Data Protection
JANUARY 22, 2020
From a global perspective, data protection regulation has moved forward significantly since that time, so a review of the PDPO is timely.
Data Protection Report
FEBRUARY 25, 2020
Outbreak of the coronavirus and personal data privacy. In order to control the outbreak and track the spread of the virus, Chinese health authorities and other stakeholders ranging from airlines, rail operators and property management companies have collected a large amount of personal data, including data on individuals who have recently travelled to Wuhan or who have been in contact with those who have developed symptoms of infection.
IT Governance
JULY 18, 2018
Now that the EU GDPR (General Data Protection Regulation) has been in effect for a couple of months, you’ve hopefully become acquainted with its definition of personal data: “any information relating to an identified or identifiable natural person”. What is personal data?
IT Governance
JULY 29, 2019
Now that the EU GDPR (General Data Protection Regulation) has been in effect for over a year, you’ve likely become acquainted with the term ‘personal data’ But what exactly does personal data mean? And did you know that the GDPR includes a sub-category of sensitive personal data that comes with its own requirements? What is personal data? Location data. What is sensitive personal data?
Hunton Privacy
AUGUST 7, 2020
On July 13, 2020, a Committee of Experts within India’s Ministry of Electronics and Information Technology (“the Committee”) published the first draft of a Non-Personal Data Governance Framework for India for public consultation. In drafting the framework, the Committee studied various issues relating to non-personal data and has put forward recommendations for consideration by the Indian Government on the regulation of non-personal data.
Security Affairs
MAY 12, 2019
The Turkish Personal Data Protection Authority fined Facebook $270,000 for the Photo API bug that exposed personal photos of 300,000 Turkish users. The Turkish Personal Data Protection Authority (KVKK) has fined Facebook 1.65 million Turkish lira ($270,000) for the Photo A PI bug that exposed personal photos of 300,000 Turkish users. The post Turkish Personal Data Protection Authority fined Facebook for Photo API bug appeared first on Security Affairs.
Dark Reading
AUGUST 21, 2019
Thousands of customers' credit card numbers, MoviePass card numbers, and sensitive data were left in an unprotected database
Threatpost
AUGUST 13, 2019
A vulnerability in British Airways' e-ticketing system could enable a bad actor to view passengers' personal data or change their booking information. Hacks Vulnerabilities British Airways British airways data breach Data Privacy Data security e-ticketing flaw Encryption
Dark Reading
JULY 8, 2019
Researchers find more than 1,000 apps in the Google Play store that gather personal data even when the user has denied permission
The Guardian Data Protection
FEBRUARY 12, 2018
Firm to appeal decision by Berlin regional court which upholds complaints that users not given informed consent Facebook’s default privacy settings and use of personal data are against German consumer law, according to a judgement handed down by a Berlin regional court. The court found that Facebook collects and uses personal data without providing enough information to its members for them to render meaningful consent.
Security Affairs
JULY 15, 2020
CyberNews reported the discovery of an unsecured Amazon S3 bucket containing users’ passports, driver’s licenses and other personal data. What data is in the bucket. With that information, hackers can commit identity theft, including taking out loans or other services in these victims’ names, or simply use the data as part of targeted phishing campaigns. This includes devices that have sensitive data, or devices that control critical administrative functions.”.
Hunton Privacy
JUNE 30, 2020
On June 23, 2020, the German Federal Court of Justice (the Bundesgerichtshof , or “BGH”) issued a decision confirming the enforceability, in preliminary proceedings, of the order of the German Federal Cartel Office (the “ Bundeskartellamt ”) against Facebook’s data practices. On February 2, 2019, the Bundeskartellamt issued an order prohibiting Facebook from combining user data from different sources. Competition law and data protection go hand in hand.
Adam Levin
MARCH 27, 2019
The Federal Emergency Management Agency failed to properly protect the personal information of 2.3 A partially redacted memo issued by the Office of the Inspector General of the Department of Homeland Security stated that FEMA released the personally identifiable information of 2.3 FEMA is no longer sharing unnecessary data with the contractor and has conducted a detailed review of the contractor’s information system. The post FEMA Leaked Personal Data of 2.3
Security Affairs
JUNE 16, 2020
A database allegedly belonging to Ariix Italia was exposed online on an unsecured Amazon S3 bucket, it includes 30,000+ Italian sales agents’ personal data. The database also contains sales representative enrollment contracts that include personally identifiable information such as full names, addresses, tax identification numbers, and signatures of mostly Italian citizens. As of June 5, the Ariix Italia data bucket has been closed and is no longer accessible.
Threatpost
MARCH 15, 2018
A Walmart jewelry partners' misconfigured AWS S3 bucket left personal details and contact information of 1.3 Cloud Security Featured Privacy Web Security AWS AWS S3 Bucket data leak Leaky Bucket personal datamillion customers in plain sight.
IT Governance
APRIL 18, 2018
An integral part of your EU General Data Protection Regulation (GDPR) compliance project is producing appropriate documentation, which includes a personal data breach notification procedure. What is a personal data breach? The UK Information Commissioner’s Office (ICO) defines a personal data breach as “a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data”.
Security Affairs
NOVEMBER 26, 2019
Some third-party apps quietly scraped personal information from people’s accounts from Twitter and Facebook, the social media companies claim. Facebook and Twitter revealed that some third-party apps quietly scraped personal information from people’s accounts without their consent. “No data from Facebook is collected, shared or monetised by MobiBurn,” reads the statement. SecurityAffairs – Twitter, data harversting).
IT Governance
JANUARY 3, 2018
When organisations transfer data, they inevitably compromise its security to some degree. There’s not much organisations can do to eliminate data loss, so the problem becomes how to reduce the damage once the data is exposed? This is a particularly pressing concern with the EU General Data Protection Regulation (GDPR) taking effect this year. Data transfers. Although transferring data is often risky, it’s usually necessary.
65 
Let's personalize your content