
Russian hackers trading passwords of UK MPs and public officials

The login details of a thousand MPs and parliamentary staff, as well as 7,000 police employees and 1,000 officials at the Foreign Office, are being traded online by Russian hackers, according to reports.

Source: Russian hackers trading passwords of UK MPs and public officials | IT PRO

Some free tech support for GDPR Article 30 (and beyond)

While there are some exceptions for small companies doing infrequent collections, if you’re collecting personal information from European citizens, the upcoming General Data Protection Regulation imposes some very specific documentation requirements.

Source: Some free tech support for GDPR Article 30 (and beyond)

New NIST guidelines: security and privacy recommendations

NIST has published new guidelines relating to security and privacy (I noted NIST’s recent involvement in privacy engineering here). Like many of their documents, the new guidelines will be influential for security and privacy engineering.

Source: New NIST guidelines: security and privacy recommendations

How ICANN is manipulating its GDPR discussions

As this blog post shows, ICANN’s management is now thinking about how to comply with the European General Data Protection Regulation (GDPR). They’d better be. Everyone knows ICANN’s Whois policies, which require registries and registrars to provide indiscriminate public access to personal data about domain name registrants, violate European privacy laws.

Source: How ICANN is manipulating its GDPR discussions

Supreme Court Rules Facebook Can’t Contract Out of B.C. Privacy Law

The Supreme Court of Canada issued a landmark decision this morning on the enforceability of forum selection clauses in online contracts, rejecting Facebook’s effort to block a privacy class action lawsuit in British Columbia on the grounds that its own contract specified that legal actions be brought in California.

Source: Supreme Court Rules Facebook Can’t Contract Out of B.C. Privacy Law

UK ICO Revises Subject Access Guidance Following Court Rulings

On June 20, 2017, the UK Information Commissioner’s Office (ICO) published an updated version of its Code of Practice on Subject Access Requests. The updates are primarily in response to three Court of Appeal decisions from earlier this year regarding data controllers’ obligations to respond to subject access requests.

Source: UK ICO Revises Subject Access Guidance Following Court Rulings

New EU ePrivacy Regulation: European Parliament Committee Publishes Draft Report

The EU Parliament Committee in charge of reviewing the EU Commission’s Proposal for an e-Privacy Regulation (Proposal) recently released a Draft Report proposing amendments to the regulation. The e-Privacy Regulation will regulate new electronic communication services such as instant messaging, VOIP services, web-based email, and IoT devices, and will impose significant additional obligations on Internet services and related technologies, including cookies and similar technologies.

Source: New EU e-Privacy Regulation: European Parliament Committee Publishes Draft Report

Germany Issues Ethics Report on Automated and Connected Cars

On June 20, 2017, the German Federal Ministry of Transport and Digital Infrastructure issued a report on the ethics of Automated and Connected Cars. The Report was developed by a multidisciplinary Ethics Commission established in September 2016 for the purpose of developing essential ethical guidelines for the use of automated and connected cars.

Source: Germany Issues Ethics Report on Automated and Connected Cars | Privacy & Information Security Law Blog
