Privacy Transformation - Issue 13

PRIVACY

DPC finds Public Services Card breached data protection laws

DPC finds Public Services Card breached data protection laws

The Data Protection Commission (DPC) has found the Department of Employment Affairs and Social Protection's processing of personal data during the issuing of Public Services Cards (PSC) for use in transactions between a person and a public body other than the department itself to be illegal.

A statement from the DPC on the matter can be found here.

IAB Europe fails to answer Irish Data Protection Commission

IAB Europe fails to answer Irish Data Protection Commission

IAB Europe fails to answer questions from Irish Data Protection Commission arising from formal GDPR complaint by Brave’s Dr Ryan against IAB Europe’s “forced consent” and consent walls.

Tide turns on social media giants as privacy concerns rise in US

Tide turns on social media giants as privacy concerns rise in US

As Democrats reeled from Donald Trump’s shock victory in the 2016 US presidential election, thoughts soon turned to who could take on the Republican president in 2020.

One name that surfaced was that of Facebook chief executive Mark Zuckerberg. Speculation about the young executive’s political ambitions were prompted when he set off on a “listening tour” across the country, despite denials that he was mulling a bid for office.

Less than a year later things looked very different.

White House proposal would have FCC and FTC police alleged social media censorship

White House proposal would have FCC and FTC police alleged social media censorship

A draft executive order from the White House could put the Federal Communications Commission in charge of shaping how Facebook, Twitter and other large tech companies curate what appears on their websites, according to multiple people familiar with the matter.

Statement: Live facial recognition technology in King's Cross

Statement: Live facial recognition technology in King's Cross

Elizabeth Denham, the UK Information Commissioner has issued a statement on the use of live facial recognition technology in King's Cross, London.

Most EU cookie ‘consent’ notices are meaningless or manipulative, study finds

New research into how European consumers interact with the cookie consent mechanisms which have proliferated since a major update to the bloc’s online privacy rules last year casts an unflattering light on widespread manipulation of a system that’s supposed to protect consumer rights.

A 'big data' firm sells Cambridge Analytica’s methods to global politicians, documents show

A 'big data' firm sells Cambridge Analytica’s methods to global politicians, documents show

Cambridge Analytica, the most notorious practitioner of psychological profiling, has closed shop. Their methods aren’t about to die out so easily.

SECURITY

NIST Launches new Cyber Security Insights Blog

NIST Launches new Cyber Security Insights Blog

The U.S. National Institute of Standards and Technology (NIST) has launched a new Cybersecurity Insights blog.

DATA BREACHES

Major breach found in biometrics system used by banks, UK police and defence firms

Fingerprints, facial recognition and other personal information from Biostar 2 discovered on publicly accessible database

ENFORCEMENT

Irish data protection commissioner opens investigation into Verizon Media - Independent.ie

Irish data protection commissioner opens investigation into Verizon Media - Independent.ie

The Irish data protection commissioner has opened an investigation into Verizon Media, formerly called Oath, which owns online properties such as Yahoo and the Huffington Post.

Helen Dixon also makes reference in this article to other DPC investigations including WhatsApp and Garda surveillance techniques.

Irish DPC is looking into how millions of Instagram users' personal data was harvested by one of the company's partners

Irish DPC is looking into how millions of Instagram users' personal data was harvested by one of the company's partners

The Irish Data Protection Commission, a key EU data regulator, wants to know whether EU subjects were affected by the Instagram data scraping.

DPC questions Facebook’s transcribing of audio chats

DPC questions Facebook’s transcribing of audio chats

Facebook is facing questions from Ireland's data protection watchdog — the agency that oversees the company's privacy standards across the European Union — about why it allowed outside contractors to listen and transcribe people's audio chats through Facebook's platforms.

Berlin DPA plans to issue large fine for GDPR violations

Berlin DPA plans to issue large fine for GDPR violations

The Berlin Commissioner for Data Protection and Freedom of Information plans to issue a large fine to a company for violations of the EU General Data Protection Regulation.

EU Nears Decisions in Facebook Privacy Cases

EU Nears Decisions in Facebook Privacy Cases

The EU could begin to hit Facebook with decisions under the bloc’s new privacy law by the end of the year, raising the specter of billions of euros in fines and orders to change business practices.

GUIDELINES

Quick Guide to GDPR Breach Notifications

Quick Guide to GDPR Breach Notifications

The Irish Data Protection Commissioner has published a guide to help controllers better understand their obligations regarding notification and communication requirements.

ICO Guidance: Top issues for town and parish councils

ICO Guidance: Top issues for town and parish councils

The ICO has issued GDPR guidance for town and parish councils which will no doubt be useful for its intended audience in the UK and beyond.

ICO launches consultation on the draft framework code of practice for the use of personal data in political campaigning

ICO launches consultation on the draft framework code of practice for the use of personal data in political campaigning

The Information Commissioner's Office (ICO) is consulting on a new framework code of practice for the use of personal data in political campaigning.

The framework code will serve both as helpful guidance in its own right as well as having the potential to become a statutory code of practice if the relevant legislation is introduced.

RESOURCES

ePrivacy, GDPR Compliance & Open Source Projects

A recent talk from the Free Software and Open Source Conference (FrOSCon) in Germany, on ePrivacy & GDPR compliance challenges for Open Source Projects can be found here.