After Google reportedly confirmed the practice of gathering location data from Android devices even when the service was disabled by users, regulators in South Korea summoned representatives of the tech giant this week for questioning.
Netflix’s ability to extrapolate detailed and specific viewing habits from its vast data set leaves troubling questions about its employees’ access to personal customer information.
The Global Privacy Enforcement Network (GPEN) has found that organisations should be more open, honest and transparent in their online privacy notices on how they use personal data.
When the chalk-face meets the thin blue line: handling police involvement with school staff.
Hot on the heels of the European Commission’s official review of the functioning of the EU-U.S. Privacy Shield framework, the Article 29 Working Party (Working Party) of EU data protection regulators has issued its own report on the matter.
The Commission gave it the official (if lukewarm) ok in October, following the first annual review. Last week it was time for the Article 29 Working Party (WP29) to have its say. The overall verdict: OK but could do better. This is backed up by a threat to mount a legal challenge.
Technology giant IBM is one of the world’s largest processors of information so ensuring compliance with the upcoming General Data Protection Regulation is essential. The company provides its clients with a range of data privacy, security and governance offerings and is introducing these same readiness programmes internally across its enterprise.
The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, today released the CSA Code of Conduct for GDPR Compliance, which provides cloud service providers (CSPs), cloud customers, and potential customers with much-needed guidance in order to comply with the new obligations stemming from the European General Data Protection Regulation (GDPR). As part of this release, the CSA has also launched the CSA GDPR Resource Center, a new, community-driven website with tools and resources to help educate cloud service providers and enterprises on the new European data protection regulation.
The nature of the digital economy is as such that it will force the creation of multi-competent supervisory authorities sooner rather than later. What if the European Data Protection Board would become in the next 10 to 15 years an EU Digital Regulator, looking at matters concerning data protection, consumer protection and competition law, having “personal data” as common thread? This is the vision Giovanni Buttarelli, the European Data Protection Supervisor, laid out last week in a conversation we had at the IAPP Data Protection Congress in Brussels.
Image-sharing website Imgur has confirmed that the emails and passwords of 1.7 million users were compromised in 2014.