
Study highlights greater risks run by small businesses that suffer a data breach

Almost a third of consumers have said that a small business would lose their loyalty in the event of a data breach.

While no business is free from the risk of cyber-crime, larger organisations are usually more able to deal with data breach incidents, as they typically have greater finances, IT resources and expertise to invest in cyber-combat and breach recovery.

Source: #privacy: Study highlights greater risks run by small businesses that suffer a data breach

EU and US issue joint statement on the Third Annual EU-U.S. Privacy Shield Review

U.S. Secretary of Commerce Wilbur Ross and EU Commissioner for Justice, Consumers, and Gender Equality Věra Jourová made the joint statement regarding the third annual joint review of the EU-U.S. Privacy Shield Framework.

Officials stated that Privacy Shield ensures that participating companies and relevant government authorities provide a high level of protection for the personal data of EU individuals. The Department of Commerce will revoke the certification of companies that do not comply with Privacy Shield’s vigorous data protection requirements.

The European Commission will publish a report on the functioning of the Privacy Shield. This report will conclude this year’s review process.

Source: Joint Press Statement from Commissioner Věra Jourová and Secretary of Commerce Wilbur Ross on the Third Annual EU-U.S. Privacy Shield Review | U.S. Department of Commerce

California lawmakers pass ban on facial recognition tech in police body cams

The three-year moratorium prohibits state and local law enforcement from using facial recognition technology.

The bill, AB215, also referred to as the Body Camera Accountability Act, was passed by the State Assembly 42-18 and will now head to Governor Gavin Newsom, who will decide whether to sign it into law. If he signs, it will go into effect in January 2020.

Source: #privacy: California lawmakers passes ban on facial recognition tech in police body cams

10 reasons why the GDPR is the opposite of a ‘notice and consent’ type of law

A ‘notice and consent’ privacy law puts the entire burden of privacy protection on the person and then it doesn’t really give them any choice. The GDPR does the opposite of this.

Here are 10 reasons why it is so: 10 reasons why the GDPR is the opposite of a ‘notice and consent’ type of law

EDPS publishes opinion on communication data as personal data

The European Data Protection Supervisor (EDPS) published, on 11 September 2019, the pleading notes before the Court of Justice of the European Union (CJEU) in the joint hearing for case C-623/17 Privacy International, joint cases C-511/18 and C-512/18 La Quadrature du Net and Others, and case C-520/18 Ordre des Barreaux Francophones et Germanophone and Others.

The notes address the question of whether IP addresses or other data relating to electronic communications are capable of providing information on the content of communications, what information concerning the private lives of the persons concerned can be obtained from IP addresses or other data relating to electronic communications, and whether, and to what extent, it would be possible to limit the retention of and access to electronic communication data while enabling the objectives set out in Article 15(1) of the ePrivacy Directive.

Source: Pleading notes of the European Data Protection Supervisor (EDPS)

Terms, Conditions and Considerations Under the GDPR

With the recent major GDPR cases on Facebook and Google, DPOs at smaller companies are growing worried and face the challenge of ensuring that terms and conditions and privacy notices are not mixed up.

With hundreds of policy templates to choose from, one of the difficulties is writing a privacy policy that is neither so long that no one can read it nor so short that it doesn’t cover the bases; striking the right balance between the unreadable and the unworkable is essential.

Full article: Terms, Conditions and Considerations Under the GDPR – CPO Magazine

Web feature developers need to pay more attention to privacy and security

Web feature developers are being warned to step up attention to privacy and security as they design contributions.

Writing in a blog post about “evolving threats” to Internet users’ privacy and security, the W3C standards body’s technical architecture group (TAG) and Privacy Interest Group (PING) set out a series of revisions to the W3C’s Security and Privacy Questionnaire for web feature developers.

Full article: Web feature developers told to dial up attention on privacy and security | TechCrunch

Privacy Shield review goes on

The US Administration will host the third annual joint review of the European Union–United States Privacy Shield Framework in Washington, D.C.

This third annual review will bring together key American and European stakeholders to discuss the functioning, value, and integrity of the Privacy Shield Program, which facilitates compliance with European data protection and privacy requirements in support of transatlantic commerce.

Source: Statement from the Press Secretary on the European Union–United States Privacy Shield Framework | The White House

The role of the UK representative post-Brexit

If the United Kingdom leaves the European Union without a deal Nov. 1, it will automatically cease to be a member of the EU. U.K.-based companies will no longer be regulated under the EU General Data Protection Regulation.

The two most significant effects of this are that data transfers between the U.K. and the EU will be affected, and companies may need to appoint an extra EU representative.

Full article: The role of the UK representative post-Brexit

More than half of UK businesses are not fully GDPR compliant

Research by Egress has revealed that 52% of UK businesses are still not fully compliant with GDPR regulation since its implementation.

The survey of UK GDPR decision-makers found that 37% of respondents had reported an incident to the ICO in the past year, with 17% having done so more than once.

Source: #privacy: More than half of UK businesses are not fully GDPR compliant
