Privacy Transformation - Issue 124
PRIVACY
Ireland is a ‘GDPR bottleneck’ that lets big tech off the hook
The architect of the EU law believes a centralised regulator with real teeth is required
Parents warned spreading Covid misinformation on WhatsApp could breach data protection laws
Parents found to be spreading misinformation or personal data in Whatsapp groups, could be in breach of data protection laws and may be sued.
Data-Privacy Impasse Hangs Over U.S.-EU Trade and Technology Summit
Companies including Google urge officials to strike a new deal to ease trans-Atlantic data flows.
French privacy watchdog takes action on government fingerprint database issues
The National Commission for Information Technology and Civil Liberties (CNIL) has decided to call the Ministry of the Interior to order after observing several failures in the proper maintenance of the automated fingerprint file (FAED).
Italian DPA investigates the apps that listen using device microphone
The Privacy Guarantor has opened a formal investigation into apps that record from the microphones.
Irish DPC WhatsApp decision: What do you need to know?
On Sept. 2, the Irish Data Protection Commission announced a decision to fine WhatsApp 225 million euros.
EDPB adopts opinion on draft South Korea Adequacy Decision
The EDPB adopted its opinion on the European Commission’s draft adequacy decision for the Republic of Korea.
RELATED: EU privacy watchdogs’ important caveats for data transfers with South Korea
Privacy Myth - It’s Merely Metadata
Traditionally a distinction is made between data and metadata, separating the actual content of a communication (e.g., a letter, a phone conversation) from the technical data necessary to establish the connection between the sender and the recipient (e.g., an address, or a phone number). Unlike its metadata, the data itself is often considered private and offered stronger protection: the secrecy of correspondence is enshrined in the constitution of many countries. But shouldn’t metadata be given similar protections? Is it really ‘merely’ metadata?
SECURITY & TECH
Instagram for kids paused after backlash
Facebook delays its child-friendly Instagram version to do more work with concerned parents.
FBI decision to withhold Kaseya ransomware decryption keys stirs debate
Many security experts defended the FBI's decision to leave Kaseya victims struggling with ransomware infections for weeks.
Facebook tweaks cookie consent controls in Europe to comply with GDPR, ePrivacy Directive
The company has also created a new settings menu on FB and Instagram, where people can revisit and manage their cookie consent decisions at any time.
London's Met Police Buying Retrospective Facial Recognition Technology
The UK's Metropolitan Police Service has been authorised to buy and use retrospective facial recognition technology.
EDPB establishes cookie banner taskforce
During its latest plenary, the EDPB decided to set up a taskforce to coordinate the response to complaints concerning cookie banners filed with several EEA SAs by NOYB.
UK NCSC: Weekly Threat Report
The NCSC's weekly threat report is drawn from recent open source reporting.
DATA BREACH
Thousands of online gaming accounts hit in major cyberattack
BloodyStealer malware-as-a-service is sold on the dark web and used to harvest data from gamers online.
ENFORCEMENT
Norwegian DPA: Reprimanded after accessing e-mail account
The background for this case is a complaint from a former board director, who discovered that the company accessed a personal e-mail account associated with the enterprise.
More on the latest GDPR enforcement news can be found on:
CONTRIBUTE
Have an interesting article, book, video, podcast or other resource that you would like to share with fellow privacy practitioners? Please do drop me a note.