Bulgarian Presidency Presents Progress Report and Points for Debate on ePrivacy

On January 10, 2017, the EU Commission adopted a proposal for a Regulation on Privacy and Electronic Communications. On June 8, 2018, the Council of the European Union’s Bulgarian Presidency presented a progress report on the draft ePR to the Transport, Telecommunications and Energy Council.

The Report reflects on the amendments presented in the May 2018 Examination of the Presidency text. The Report is split into two sections: Annex I, a progress report, and Annex II, questions for the policy debate.

Source: Bulgarian Presidency Presents Progress Report and Points for Debate on ePrivacy

The Next Frontier of Police Surveillance Is Drones

A major drone company DJI and a major police-camera company Axon are teaming up, and the possibilities are frightening. The devices will be linked to Axon’s cloud-based database for law enforcement, Evidence.com, which is used to process body-camera data too. And it could open a vast new frontier for police surveillance.

Source: Axon and DJI are teaming up to make surveillance drones, and the possibilities are frightening.

White House says its federal agencies can’t keep track of their own data

Most federal agencies have no way of effectively detecting when data is stolen, found a new, 22-page report published by the White House Office of Management and Budget last week. 73 percent of federal agency programs simply can’t detect when large amounts of information leave their networks.

The report says there were more than 30,000 cyber attacks on the federal government in 2016 that resulted in lost information and compromised systems, but in 38 percent of those attacks (nearly 12,000 of the incidents), the government had no idea where the attacks came from or how they got into the systems.

Source: White House says its federal agencies can’t keep track of their own data

Data-processing agreements from 30,000 feet

Any organization that processes the personal data of data subjects in the European Union should be concerned about having updated data processing agreements in place with vendors and partners with whom they share the data. Having up-to-date data processing agreements in place can also protect an organization from liability in the future, and avoid the potential heavy fines and penalties possible under the GDPR.

Read full article: Data-processing agreements from 30,000 feet

Irish data chief finds Yahoo broke EU law in breach

Irish Data Protection Commission (DPC) issued a statement that Yahoo broke EU law by failing to protect user information in Europe’s largest ever data breach that happened back in 2014. However, DPC issued no penalty against the company.

Source: Irish data chief finds Yahoo broke EU law in breach, issues no penalty – POLITICO

What role can internal auditors play in GDPR compliance?

As a function that has a holistic view of the organization, internal audit plays a role in evaluating the organization’s GDPR compliance. By taking up the role of a strategic partner of the data protection officer, internal auditors can help to guide the company strategy, raise awareness, assess the potential risks, identify gaps, and test the remediated procedures.

Read more: What role can internal auditors play in GDPR compliance?

GDPR certifications come into focus with EDPB guidance

Last week, on GDPR Day, as the law finally came into force, the newly minted European Data Protection Board shed some light on these questions and more with newly released guidance on certifying and identifying certification criteria in accordance with Articles 42 and 43 (there are also “codes of conduct” mentioned in the GDPR alongside certifications, but they aren’t addressed in this guidance).

Source: GDPR certifications come into focus with EDPB guidance

Irish DPA recived 1,300 GDPR queries

More than 1,300 “concerns or complaints” have been made to the Data Protection Commission since the General Data Protection (GDPR) became law last month, while firms have logged 60 breaches of people’s personal data with the watchdog.

Source: Data watchdog deals with 1,300 GDPR queries | Irish Examiner

>