fbpx

Download free GDPR compliance checklist!

Category Archives for "Research"

Thousands of Android apps contain undocumented backdoors

A study has found that thousands of legitimate Android apps are taking liberties or installing with capabilities that users wouldn’t expect to exist.

For example, ability to reset user passwords, bypass payment interfaces, initiate hidden behaviours using secret commands, or just stop users from accessing specific, sometimes political content.

This isn’t necessarily about outright malicious apps so much as legitimate apps taking liberties or installing with capabilities users wouldn’t expect to exist.

Source: Thousands of Android apps contain undocumented backdoors, study finds – Naked Security

What can we expect over the next nine months in cybersecurity and data privacy?

A new annual report by TÜV Rheinland, in partnership with global cybersecurity experts, studying some of the main issues that we can expect to appear on the cybersecurity landscape as we progress through the remainder of this year.

The white paper, titled Cybersecurity Trends for 2020, looks at the increasing cyber-threat and the dangers posed to smart supply chains, healthcare, and operating systems that use real-time technology.

Source: #Privacy: What can we expect over the next nine months in cybersecurity and data privacy?

Employers accused of abusing EU data privacy rules to hinder trade unions

The EU’s General Data Protection Regulation (GDPR) is being misused by employers across Europe as trade unions are denied access to information required to recruit and organise workers, a new study has found.

The trends highlighted in ETUC’s report bring to light the recent challenges for trade unions to mobilise their networks as a result of workplaces refusing access to employee data under the pretext that it is forbidden by the GDPR. In this vein, the report brings to attention cases in a range of EU member states including Spain, Luxembourg and Belgium.

Source: Employers accused of abusing EU data privacy rules to hinder trade unions – EURACTIV.com

Survey Reveals Leading Corporate Data Privacy Risks, Priorities and Change Initiatives

FTI Consulting announces findings from its study of data privacy trends, which indicated a sense of constant change and regulatory unease.

75 percent of organizations surveyed have made changes to their data privacy programs in the last 12 months. In the coming year, 97 percent of organizations will increase their spend on data privacy, with an average increase of 50 percent.

Based on responses from more than 500 leaders of large, U.S.-based, companies, Corporate Data Privacy Today: A Look at the Current State of Readiness, Perception and Complianceprovides a robust illustration of the current privacy landscape and the programs, perceptions and strategies currently in play at large corporations.

Source: New FTI Consulting Survey Reveals Leading Corporate Data Privacy Risks, Priorities and Change Initiatives | FTI Consulting

Study reveals the global impact of GDPR

With the introduction in May 2018 of the European Union’s (EU) General Data Protection Regulation (GDPR), 2019 was expected to be the year of enforcement, with regulators using extended powers to set a higher bar for managing individuals’ data.

The latest Beazley Breach Insights report analyses the actions of data protection regulators across the EU in 2019 and the impact on organizations based elsewhere that are nonetheless subject to the rules through their business structure or customer base.

Source: #Privacy: Study reveals the global impact of GDPR – PrivSec Report

Study finds privacy concerns put most adults off dealing with a firm

A new study of over 2,000 US adults and 500 marketing executives has found that data privacy is now a business issue.

The research, conducted by customer engagement platform, Braze finds reports that 84% of adults have decided against engaging with a company because it needed too much of their personal information, and three in five consumers have gone so far as to delete an app from their phone for that same reason.

Source: #Privacy: New study finds privacy concerns put most adults off dealing with a firm

Over 15 billion records were exposed last year

The total number of records exposed in 2019 increased by 284 percent compared to 2018. In total, there were over 15.1 billion records exposed.

There were 7,098 breaches reported in 2019, a one percent increase on 2018, though the gap is anticipated to grow throughout Q1 2020 as more 2019 incidents come to light, says the new Risk Based Security report, 2019 Year End Data Breach QuickView Report.

Source: #Privacy: Over 15 billion records were exposed last year

GDPR enforcement is on fire!

Data protection authorities (DPAs) are rapidly increasing their GDPR enforcement activities and here are some trends coming to surface.

While fines are not always particularly high, in terms of volume, data protection authorities (DPAs) are rapidly increasing their GDPR enforcement activities.

DPAs have levied 190 fines and penalties to date. Spain leads the pack as Europe’s most active regulator, followed by Romania (21) and Germany (18).

Failures of data governance – not security – trigger the most fines and penalties. Breaches are just a starting point. However, compromised data from even a single customer can be expensive.

Read full article: Guess what? GDPR enforcement is on fire! | ZDNet

Researchers Find ‘Anonymized’ Data Is Even Less Anonymous Than We Thought

Corporations love to pretend that ‘anonymization’ of the data they collect protects consumers. Studies keep showing that’s not really true.

When it was revealed that Avast is using its popular antivirus software to collect and sell user data, Avast CEO Ondrej Vlcek first downplayed the scandal, assuring the public the collected data had been “anonymized”—or stripped of any obvious identifiers like names or phone numbers.

But analysis from students at Harvard University shows that anonymization isn’t the magic bullet companies like to pretend it is. Previous studies have shown that even within independent individual anonymized datasets, identifying users isn’t all that difficult. But when data from different leaks are combined, identifying actual users isn’t all that difficult.

Source: Researchers Find ‘Anonymized’ Data Is Even Less Anonymous Than We Thought – VICE

GDPR Subverted by Cookie Consent Tools

New study suggests that many websites are navigating around GDPR by tailoring the design of their cookie consent tools and using dark patterns to provide a misleading veneer of a consent agreement.

According to the researchers, the study illustrates “the extent to which illegal practices prevail, with vendors of CMPs turning a blind eye to — or worse, incentivising — clearly illegal configurations of their systems.”

Source: GDPR Subverted by Cookie Consent Tools, Study Reveals – CPO Magazine

>