Free tools and resources for Data Protection Officers!

Category Archives for "Research"

Using Wi-Fi to “see” behind closed doors is easier than anyone thought

With nothing but a smartphone and some clever computation, researchers can exploit ambient signals to track individuals in their own homes. They do this by measuring the change in the signal strength as they walk around outside the target building or room. Indeed, they have created an app that uses the smartphone’s built-in accelerometers to record this movement and then analyzes the change in signal strength as they move. In that way, it is possible to number-crunch the position of the transmitter, even in the presence of numerous reflections and distortions.

Source: Using Wi-Fi to “see” behind closed doors is easier than anyone thought – MIT Technology Review

Data Breaches Compromised 4.5 Billion Records in First Half of 2018

Gemalto released the latest findings of the Breach Level Index, a global database of public data breaches, revealing 945 data breaches led to 4.5 billion data records being compromised worldwide in the first half of 2018. Compared to the same period in 2017, the number of lost, stolen or compromised records increased by a staggering 133 percent, though the total number of breaches slightly decreased over the same period, signaling an increase in the severity of each incident.

A total of six social media breaches, including the Cambridge Analytica-Facebook incident, accounted for over 56 percent of total records compromised. Of the 945 data breaches, 189 (20 percent of all breaches) had an unknown or unaccounted number of compromised data records.

Source: Data Breaches Compromised 4.5 Billion Records in First Half of 2018*

GDPR in Numbers

The numbers show that the GDPR – with only five months since its entry into effect – is not merely a set of general principles and empty promises but a practical and widely used tool for the protection of people’s privacy.

The European Data Protection Board claims that more than across Europe 42,230 complaints have been lodged across Europe. A large number of data breach notifications (nearly 13,000 overall) suggests that businesses and other organisations treat seriously the obligation imposed by Article 33 of the GDPR. As of 25 September, only six draft codes have been submitted: four in Romania, one in Poland, and one in Germany.

Full article: GDPR in Numbers

CNIL Publishes Statistical Review of Data Breaches Since GDPR

Recently, the French Data Protection Authority (the “CNIL”) published a statistical review of personal data breaches during the first four months of the EU General Data Protection Regulation’s (“GDPR”) entry into application.

Between May 25 and October 1, 2018, the CNIL received 742 notifications of personal data breaches that affected 33,727,384 individuals located in France or elsewhere. Of those, 695 notifications were related to confidentiality breaches.

Source: CNIL Publishes Statistical Review of Data Breaches Since Entry into Application of GDPR

US Firms Have Begun Addressing GDPR Shortcomings

A survey of 145 US corporate directors of public company boards conducted by BDO USA during August 2018 has revealed that eight out of ten companies have taken steps to ensure they are complying with necessary data protection legislation. This included implemented such measures as completing a gap assessment and updating the company privacy policy.

The survey was conducted as part of the BDO  2018 Cyber Governance Survey which you can read here.

Source: Study by BDO USA Suggest US Firms Have Begun Addressing GDPR Shortcomings – Compliance Junction

Is the ICO’s view of “lawful processing” under the GDPR wrong?

What makes processing “lawful” under the GDPR? The Information Commissioner (ICO) has stated that the word “lawfulness” has general application, as it did under the previous Data Protection Act (DPA1998). Though this view may be wrong. There is a significant risk that the level of the protection afforded to data subjects in the UK (and in Europe) is much diminished.

Full article: Is the ICO’s view of “lawful processing” under the GDPR wrong?

82% of security pros fear hackers using AI to attack their company

Enterprise IT and security professionals recognize AI’s potential in cybersecurity, according to a new report from Neustar: 87% of the 301 senior technology and security workers surveyed agreed that AI will make a difference in their company’s defenses. However, 82% said they are also afraid of attackers using AI against their company, the report found.

Full article: 82% of security pros fear hackers using AI to attack their company – TechRepublic

One in Six European Companies Unprepared for GDPR Breach

The British Standards Institution (BSI) has released the results of a study which show that one in six European business are not sufficiently ready to face the threat of a data breach.

The report showed that 73 per cent of groups who participated in the BSI research were ‘concerned about cybersecurity and were seeking solutions’. However, one in six groups advised the researchers that they had no plan in place to address a data breaches. 33 per cent said they were not currently completing cybersecurity testing as opposed to 59 per cent revealing that they were engaging in end-user security awareness programmes.

Source: BSI Study: One in Six European Companies Unprepared for GDPR Breach – Compliance Junction

Consumers say they want much more control over their personal data

Janrain, which polled more than 1,000 U.S. consumers. The survey found that  two-thirds of US adults want government to pass laws that provide them with “greater privacy, security and control of their personal data.”

46 percent of consumers were willing to forgive a company that was a “victim of a data security breach,” if that company immediately notified them. Another 42 percent would “possibly” be willing to forgive.

However the bulk of the results show that consumers are clearly ambivalent about the companies they interact with, especially online, and the majority want much more control over their data.

Source: Consumers say they want much more control over their personal data – MarTech Today

>