Free tools and resources for Data Protection Officers!

Tag Archives for " publication "

CNIL Publishes Statistical Review of Data Breaches Since GDPR

Recently, the French Data Protection Authority (the “CNIL”) published a statistical review of personal data breaches during the first four months of the EU General Data Protection Regulation’s (“GDPR”) entry into application.

Between May 25 and October 1, 2018, the CNIL received 742 notifications of personal data breaches that affected 33,727,384 individuals located in France or elsewhere. Of those, 695 notifications were related to confidentiality breaches.

Source: CNIL Publishes Statistical Review of Data Breaches Since Entry into Application of GDPR

Connected vehicles: first step towards an international agreement

The International Working Group on Data Protection in Telecommunications (IWGDPT or so-called Berlin Group), has adopted a Working Paper on Connected Vehicles. Paper analyses the different types of data that can be collected, generated, transmitted, processed or retained by connected vehicles and identifies the privacy risks involved in these processes. The paper provides recommendations for manufacturers, third party service providers, standardization bodies, public authorities and rule makers as well as for drivers of connected vehicles on how to effectively avert these risks.

Download the Working Paper

Source: Connected vehicles: first step towards an international agreement

Are our smartphones cheating GDPR?

Consumer champion, Which? has revealed that the smart devices we use on a daily basis could be employing underhand measures to take more of our personal details than we think. A study conducted by the watchdog has concluded that many apps tested are technically behaving in accordance with GDPR stipulations while failing to embrace the true meaning of data protection that the laws seek to imbue.

Full article: Are our smartphones cheating GDPR?

FPF Releases Understanding Facial Detection, Characterization, and Recognition Technologies and Privacy Principles for Facial Recognition Technology in Commercial Applications

FPF has published the infographic Understanding Facial Detection, Characterization, and Recognition Technologies along with Privacy Principles for Facial Recognition Technology in Consumer Applications. These resources will help businesses and policymakers better understand and evaluate the growing use of face-based biometric technology systems when used for consumer applications.

Source: FPF Releases Understanding Facial Detection, Characterization, and Recognition Technologies and Privacy Principles for Facial Recognition Technology in Commercial Applications

IAB releases Transparency & Consent Framework

IAB Europe and IAB Technology Laboratory on April 24 released the market-ready technical specifications for the Transparency & Consent Framework following a 30-day public consultation in March and April 2018.

The official release version of the standard reflects extensive feedback from publishers, agencies, and ad tech companies collected during the consultation period. As with all standards, it is expected that this standard will be iterated with new features and attributes in the future.

Source: IAB Europe and IAB Tech Lab Release Cross-Industry Transparency & Consent Framework For Adoption

Exporting the EU Privacy Regime Through Trade Instruments?

On January 31, 2018, the European Commission endorsed horizontal clauses on cross-border data flows, data protection and privacy in trade and investment agreements.

These clauses, if agreed on by EU member states, will serve as the starting point for negotiations on provisions to be included in Free Trade Agreements and Bilateral Investment Treaties between the European Union and third countries.

Source: Exporting the EU Privacy Regime Through Trade Instruments? – Publications – Mayer Brown

Ransomware reigns supreme in 2018, as phishing attacks continue to trick employees

Ransomware was the cause of 39% of malware-related data breaches, more than double that of last year, according to Verizon’s annual Data Breach Investigations Report.

This is the report’s 11th edition, analyzing more than 53,000 security incidents and 2,216 breaches from 65 countries.

Source: Ransomware reigns supreme in 2018, as phishing attacks continue to trick employees – TechRepublic

Cyber Resiliency Considerations for the Engineering of Trustworthy Secure Systems

This is the initial public draft of NIST’s newest guideline that provides a flexible systems engineering-based framework to help organizations address the Advanced Persistent Threat (APT).

Draft NIST Special Publication 800-160 Volume 2, Systems Security Engineering: Cyber Resiliency Considerations for the Engineering of Trustworthy Secure Systems, is the first in a series of specialty publications developed to support NIST Special Publication 800-160 Volume 1, the flagship Systems Security Engineering guideline.

Source: SP 800-160 Vol. 2 (DRAFT), Systems Security Engineering: Cyber Resiliency | CSRC

ESAs weigh benefits and risks of Big Data

The Joint Committee of the European Supervisory Authorities (ESAs) published today its final report on Big Data analysing its impact on consumers and financial firms.

Overall, the ESAs have found that while the development of Big Data poses some potential risks to financial services consumers, the benefits of this innovation currently outweigh these. Many of the risks identified by the ESAs are mitigated by existing legislation.

Source: ESAs weigh benefits and risks of Big Data

>