fbpx

Free tools and resources for Data Protection Officers!

Category Archives for "Other"

ICO publishes annual report

UK’s data protection authority – Information Commissioner’s Office – has released its annual report.

Highlights from 12 months to 31 March 2019 include:

  • Data protection complaints received by the ICO increased from 21,019 in 2017/18 to 41,661 in 2018/19
  • Helping organisations, small or large, embed the GDPR and DPA 2018
  • Preparation of statutory codes focusing on age appropriate design, data sharing, direct marketing, and data protection and journalism.
  • Using new powers of inspection – issuing 11 assessment notices in conjunction with our investigations into data analytics for political purposes, political parties, data brokers, credit reference agencies and others
  • 2018/19 was a record-breaking year of monetary penalties under the DPA 1998.

Source: ICO publishes annual report covering an ‘unprecedented’ year | ICO

EDPB issues annual report

The European Data Protection Board released its 2018 annual report. The report covers the rules of procedure adopted in the first EDPB plenary session and the creation of the EDPB Secretariat. 

Focus of the report is cooperation among supervisory authorities and transparency. It also touches EDPB’s guidance on certification, territorial scope and accreditation, its opinions regarding ePrivacy regulation and European Commission’s adequacy decisions.

Read full report.

EDPB and the EDPS consider the European Commission to be a processor of patient data in the eHealth Digital Service Infrastructure

On July 12, 2019, the European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) issued a joint opinion on the processing of patient data and the role of the European Commission within the eHealth Digital Service Infrastructure (eHDSI).

The eHDSI system was established in the context of the eHealth Network and allows for the exchange of electronic health data of patients between Member States. Opinion confirms that Member States act as “joint controllers” and the European Commission acts as a processor in processing of patient data within the eHDSI .

Full article: The European Data Protection Board and the European Data Protection Supervisor consider the European Commission to be a processor of patient data in the eHealth Digital Service Infrastructure

Amazon Faces EU Inquiry Over Data From Independent Sellers

European antitrust regulators have opened an investigation into the data that Amazon uses from third-party sellers who rely on the tech company’s site.

The European Union’s top antitrust regulator said on Wednesday that it had opened a formal antitrust investigation into whether Amazon was using the third-party data to promote its own products at the expense of other retailers.

Regulators said they were examining whether Amazon was hurting competition by abusing its dual role as a retailer that sells its own goods and a marketplace where other merchants sell products.

Source: Amazon Faces E.U. Inquiry Over Data From Independent Sellers – The New York Times

Facebook Dodged a Bullet From the FTC. It Faces Many More. 

The social network may have escaped restrictions and financial bruising with the F.T.C.’s settlement, but its pain is just beginning around the world.

Regulators and lawmakers in Washington, Europe and in countries including Canada have already begun multiple investigations and proposing new restrictions against Facebook that will probably embroil it in policy debates and legal wrangling for years to come. And in some of these places, the authorities are increasingly coordinating to form a more united front against the company.

Full article: Facebook Dodged a Bullet From the F.T.C. It Faces Many More. – The New York Times

Irish privacy watchdog may launch another Google investigation

Google may have to face further investigations by the Irish Data Protection Commission after reports of contractors being able to hear users’ audio footage submitted to the tech firm’s digital assistant.

The prospective measures follow a data breach notification sent to the Irish data watchdog last week. The news of the Irish DPC’s prospective investigation comes two months after Google revealed upgraded privacy and data protection features at the firm’s annual developer conference.

Source: Irish privacy watchdog may launch another Google investigation

A few practical tips for managing subject access requests

Subject access requests are the bane of many an in-house privacy professional’s life.

It may seem curious that, on the one hand, we take seriously as privacy professionals our responsibility to uphold data subjects rights while, on the other, the exercise of one of the most fundamental of these rights – that of access to data – will typically cause even the most dedicated of privacy professionals to elicit a small whimper.

Full article: A few practical tips for managing subject access requests

Facebook’s FTC fine will be $5 billion—or one month’s worth of revenue

The Federal Trade Commission and Facebook have reportedly agreed on a $5 billion fine that would settle the FTC’s privacy investigation into the social network.

Fine will settle privacy investigation triggered by Cambridge Analytica scandal.

Source: Facebook’s FTC fine will be $5 billion—or one month’s worth of revenue | Ars Technica

Businesses more reliant on ICO as data breach reports explode

The UK data regulator has revealed its staff received four times as many reports of personal data breaches during an “unprecedented” 2018/19 against the previous financial year.

Similarly, the number of complaints received from the public rose from 21,019 in 2017/18 to 41,661, according to figures revealed in the UK’s Information Commissioner’s Office (ICO) annual report. Organisations were also twice as reliant on the ICO for advice or guidance during 2018/19.

Source: Businesses more reliant on ICO as data breach reports explode | IT PRO

EDPB publishes overview on the implementation of the GDPR and national DPAs

European Data Protection Board has published an overview of the implementation and enforcement of the General Data Protection Regulation (GDPR) covering both the cooperation mechanism and the consistency findings.

EDPB thinks that the GDPR cooperation and consistency mechanism work quite well in practice. The experiences of the EDPB regarding consistency is – up to now – limited, as no dispute resolution through this new EU body was necessary during the reported period.

Read full report.

1 2 3 76
>