Addressing the compliance challenge

The regulatory landscape is complex; a recent survey of more than 360 enterprises revealed that 86% are dealing with the complexity of multiple types of data and/or data-related processes subject to privacy and security compliance requirements.

Achieving compliance is an ever-present goal that influences operations, decision-making and success. But as new technologies emerge, businesses transform, and markets evolve, compliance efforts may become undone. Only a continuous approach can prevent this from happening.

Full article: Addressing the compliance challenge

Germany proposes router security guidelines

The German government published at the start of the month an initial draft for rules on securing Small Office and Home Office (SOHO) routers.

Once approved, router manufacturers don’t have to abide by these requirements, but if they do, they can use a special sticker on their products showing their compliance.

Full article: Germany proposes router security guidelines | ZDNet

Will the UK achieve adequacy after Brexit?

The status of U.K.-EU data flows post-Brexit has been the subject of speculation since the fateful vote was taken nearly two-and-a-half years ago. But with the prospect of the U.K. crashing out of the EU without an orderly withdrawal agreement growing ever-more realistic, concern is mounting.

Full article: Will the UK achieve adequacy after Brexit? Even the ICO isn’t so sure

Airlines collect too much passenger data

Airlines are widening scope of data they collect from passengers – but if it goes wrong, they could find themselves dealing with the fallout of a security breach and scrambling to win back trust.

Full article: Collecting passenger data can help airlines’ customer service and profitability soar, but as Cathay Pacific hack shows it can be a risky strategy | South China Morning Post

EU says India’s data localisation unnecessary

The European Union has termed the data localisation requirements proposed by India as unnecessary, harmful and likely to have negative effects on trade and investments.

The proposed data protection policy in India requires every data fiduciary to store at least one copy of personal data collected on a local server or data centre.

Full article: GDPR-loving EU says India’s data localisation unnecessary – The Economic Times

Parents are giving tons of their kids’ personal data away

On average, parents will post more than 1,000 images of their children online before they’re old enough to have their own social media accounts, according to a new report on the digital lives of kids. And that size of ‘digital footprint’ comes with risks that may not yet be fully realized.

Full article: Parents are giving tons of their kids’ personal data away — and the long-term effects aren’t yet known | CBC News

Cambridge Analytica Knew How You’d Vote If You Wore Wrangler

The whistle-blower behind the Cambridge Analytica revelations said the now-defunct data research firm used the fashion preferences of Facebook Inc. users to help develop the algorithms needed to target them with political messaging.

Sharing examples of the anonymized data for the first time, originally collected and used by Cambridge Analytica, Christopher Wylie said people who displayed an interest in Abercrombie & Fitch tended on average to be less cautious and more liberal, and individuals who liked Wrangler were usually more conservative and more keen on “orderliness.”

Full article: Cambridge Analytica Knew How You’d Vote If You Wore Wrangler – Bloomberg

Does the EDPB answer frequently asked questions on territorial scope?

The European Data Protection Board (EDPB , the successor to the Article 29 Working Party) has issued guidelines (for consultation) on one of the key foundation elements of the General Data Protection Regulation ( GDPR ); namely, Article 3 on territorial scope.

Article 3 is supposed to answer the important questions of when GDPR applies (depending on the location of an entity processing personal data, or of the individuals whose data is being processed). Unfortunately, Article 3 was drafted in a way that left many key concerns unanswered.

Source: Does the EDPB answer frequently asked questions on territorial scope?

Google facing mounting pressure over tracking tactics

Google’s data privacy practices are attracting the regulator attention, due to the search engine’s tracking of user locations, the BBC news website reports. Seven organisations have come together to file complaints with a number of regional watchdogs over Google’s tracking behaviours, with issues based on research which suggests users have no choice but to engage with the tracking system.

Full article: Google facing mounting pressure over tracking tactics

>