fbpx

Download free GDPR compliance checklist!

Tag Archives for " report "

EU backs away from call for blanket ban on facial recognition tech

New draft of AI paper drops suggestion of five-year moratorium on surveillance tech.

In a draft of a paper on artificial intelligence to be published next week, the European Commission finds that facial recognition is prone to inaccuracy, can be used to breach privacy laws, and can facilitate identity fraud.

However, unlike the previous draft, the paper no longer includes the suggestion that the commission should consider a blanket moratorium of five years – a period during which states could study the technology’s impact before rolling it out in public spaces.

Instead the latest draft puts the onus on individual member states to assess how and when they wish to permit the use of facial recognition.

Source: EU backs away from call for blanket ban on facial recognition tech

Study finds privacy concerns put most adults off dealing with a firm

A new study of over 2,000 US adults and 500 marketing executives has found that data privacy is now a business issue.

The research, conducted by customer engagement platform, Braze finds reports that 84% of adults have decided against engaging with a company because it needed too much of their personal information, and three in five consumers have gone so far as to delete an app from their phone for that same reason.

Source: #Privacy: New study finds privacy concerns put most adults off dealing with a firm

Over 15 billion records were exposed last year

The total number of records exposed in 2019 increased by 284 percent compared to 2018. In total, there were over 15.1 billion records exposed.

There were 7,098 breaches reported in 2019, a one percent increase on 2018, though the gap is anticipated to grow throughout Q1 2020 as more 2019 incidents come to light, says the new Risk Based Security report, 2019 Year End Data Breach QuickView Report.

Source: #Privacy: Over 15 billion records were exposed last year

GDPR enforcement is on fire!

Data protection authorities (DPAs) are rapidly increasing their GDPR enforcement activities and here are some trends coming to surface.

While fines are not always particularly high, in terms of volume, data protection authorities (DPAs) are rapidly increasing their GDPR enforcement activities.

DPAs have levied 190 fines and penalties to date. Spain leads the pack as Europe’s most active regulator, followed by Romania (21) and Germany (18).

Failures of data governance – not security – trigger the most fines and penalties. Breaches are just a starting point. However, compromised data from even a single customer can be expensive.

Read full article: Guess what? GDPR enforcement is on fire! | ZDNet

2020 Global Legislative Predictions

This year’s report on privacy and data protection regulation includes contributions from IAPP members all over the world outlining their predictions and hopes for the upcoming year.

Almost all countries featured in this report are expecting increased regulation and enforcement this year and, as a result, are increasing their workforce accordingly. Facial recognition is a hot topic in a number of countries, with some calling for a ban, while others embrace the technology. And, in the U.S., there is still talk of a federal privacy law.

Access report: White Paper – 2020 Global Legislative Predictions

Human Error Not Cybersecurity is Leading GDPR Data Breach Trend

Human error is the main data breach trend under the new GDPR regime not cybersecurity incidents according the Irish Data Protection Commission (DPC).

The DPC has detailed the data breach trends it has observed during the first year of GDPR and unauthorised disclosure tops the list accounting for 83 percent of all reported breaches.

During the first year of GDPR, beginning on the 25 of May 2018, the Irish Data Protection Commission received 5,818 data breach notifications. The DPC notes that approximately 4 percent of all reported breaches were deemed to have not meet the definition of a ‘personal data breach’ when GDPR is applied.

Source: Human Error Not Cybersecurity is Leading GDPR Data Breach Trend

52% of companies use cloud services that have experienced a breach

Use of personal devices when accessing cloud services and the sprawl of high-risk cloud services drive new areas of risk for companies using the cloud.

Seventy-nine percent of companies store sensitive data in the public cloud, according to a McAfee survey. While these companies approve an average of 41 cloud services each, up 33 percent from last year, thousands of other services are used ad-hoc without vetting. In addition, 52 percent of companies use cloud services that have had user data stolen in a breach.

Source: 52% of companies use cloud services that have experienced a breach – Help Net Security

GDPR Subverted by Cookie Consent Tools

New study suggests that many websites are navigating around GDPR by tailoring the design of their cookie consent tools and using dark patterns to provide a misleading veneer of a consent agreement.

According to the researchers, the study illustrates “the extent to which illegal practices prevail, with vendors of CMPs turning a blind eye to — or worse, incentivising — clearly illegal configurations of their systems.”

Source: GDPR Subverted by Cookie Consent Tools, Study Reveals – CPO Magazine

€114 Million in Fines Imposed by EU Authorities Under GDPR

New findings from DLA Piper show that 160,000 data breach notifications reported across 28 European Union Member States and data protection authorities have imposed €114 million in monetary fines under the GDPR for a wide range of infringements. Not all fines were related to data breach infringements, however.

In terms of the total value of fines issued by geographical region, France (€51m), Germany (€24.5m) and Austria (€18m) topped the rankings, whilst the Netherlands (40,647), Germany (37,636) and the UK (22,181) had the highest number of data breaches notified to regulators.

Source: €114m in Fines Imposed by Euro Authorities Under GDPR – Infosecurity Magazine

2019 registers over €400m in data protection fines in Europe

Last year, the data protection authorities in the EEA imposed 190 fines with a total cost of over €410,000,000, according to a new report by Federprivacy.

The study analyzed official sources of information in the 30 countries that are part of the European Economic Area (EEA).

The most active Authority for Data Protection was Italy (GPDP) with 30 actions in 2019, followed by Spain (AEPD) with 28, and Romania (ANSPDCP) with 20. The strictest has been the UK (ICO) with €312,000,000 of sanctions (76% of the total).

Source: #Privacy: 2019 registers over €400m in data protection fines in Europe

1 2 3 30
>