Privacy Transformation - Issue 103
PRIVACY
DPC clashes with regulators over proposed WhatsApp fine
The Data Protection Commissioner has clashed with several of her European counterparts after they objected to her proposal to impose a fine of up to €50 million on WhatsApp for violating privacy laws.
GDPR one-stop shop ‘unsustainable,’ says key regulators
Irish Data Protection Commissioner Helen Dixon and European Data Protection Supervisor Wojciech Wiewiórowski are among those who believe the one-stop shop provision of the GDPR needs to be reformed for the long term.
Where did Sinn Féin’s nuanced understanding of data protection issues go?
Party’s history of being well informed over privacy issues makes database saga baffling.
RELATED:
Online proctoring: privacy concerns raised amid shift to remote learning
The shift to online learning and testing for universities and colleges has raised concerns from privacy advocates at many post-secondary institutions
SECURITY & TECH
Microsoft: Storing and Processing EU Data in the EU
As part of Microsoft's commitment to the EU’s vision for a 'Europe Fit for the Digital Age,' they have announced a new pledge for their customers in the European Union — if you are a commercial or public sector customer in the EU, Microsoft will enable you to process and store all your data in the EU, ensuring that no data will move outside the EU.
Vaccine Registries Are Good, Vaccine Apps Are Creepy and Invasive
Registries are essential to reopening schools. Apps act as invasive bouncers that could block many communities out of essential spaces.
Contact-tracing apps: Android phones were leaking sensitive data
Hundreds of third-party apps in Android devices were given access to sensitive data logged by contact-tracing apps built on Google and Apple's API, according to security researchers.
What to know about privacy before you accept a Clubhouse invite
Clubhouse has millions of users, millions of dollars, and very few privacy options.
The ransomware surge ruining lives
A coalition is calling for action from governments as victims describe crippling cyber-attacks.
UK NCSC: Weekly Threat Report
The NCSC's weekly threat report is drawn from recent open source reporting.
ENFORCEMENT
Norwegian DPA: Intent to issue €2.5 million fine to Disqus Inc.
The Norwegian Data Protection Authority has notified Disqus Inc. (Disqus) that we they intend to issue an administrative fine of €2.5M for not complying with the GDPR rules on accountability, lawfulness, and transparency.
Dutch DPA fines municipality for Wi-Fi tracking
The Dutch Data Protection Authority (DPA) has fined the municipality of Enschede €600,000 for using Wi-Fi tracking in the city centre in a way that is prohibited. The Wi-Fi tracking made it possible to track shoppers and people who live or work in the city centre.
Austrian DPA has option to fine Google up to €6 billion
NOYB: Google continues to send data from EU websites to the US - despite two Court of Justice rulings. Austrian Data Protection Authority could fine Google up to €6 billion.
[Read NOYBs submission and Google's submission]
More on the latest GDPR enforcement news can be found on:
GUIDANCE & OPINIONS
Italian DPA: Major Critical Issues for Vaccination Pass
The decree that was recently adopted by the Italian government introducing the so-called ‘green pass’, or vaccination pass, is fraught with major criticalities such as to undermine – in the absence of the required amendments – the soundness and operation of the arrangements to lift travelling bans during the pandemic. Urgent measures are accordingly required to protect rights and freedoms of natural persons.
RESOURCES
ENISA: Post-Quantum Cryptography: Current state and quantum mitigation
This study provides an overview of the current state of affairs on the standardization process of Post-Quantum Cryptography (PQC).
CONTRIBUTE
Have an interesting article, book, video, podcast or other resource that you would like to share with fellow privacy practitioners? Please do drop me a note.