Privacy Transformation - Issue 143
PRIVACY
Emily O’Reilly opens inquiry into European Commission policing of GDPR in Ireland
EU ombudsman Emily O’Reilly has opened an inquiry into the European Commission’s failure to act against the State over the pace of big tech investigations.
The move comes on foot of a complaint lodged by the Irish Council for Civil Liberties (ICCL) with the ombudsman late last year.
Meta (FB) May Shut Down Facebook, Instagram in Europe Over GDPR Data Rules
Meta Platforms Inc. has once again threatened to pull Facebook and Instagram from Europe if it is unable to keep transferring user data back to the U.S., amid negotiations between regulators to replace a scrapped privacy pact.
RELATED: Meta Ireland teams up with SFI centres on data privacy research
Opinion - The Austrian Google Analytics decision: The race is on
Last month, the Austrian data protection authority fired the starting gun by issuing the most impactful post-“Schrems II” enforcement decision to date.
RELATED:
French data protection authority says Google Analytics is in violation of GDPR
EU orders all personal data collected through ad consent pop-ups be deleted
Why US-based companies should care about the Norway DPA's interpretation of GDPR consent
U.S.-based companies and regulators should fully understand the impact of a decision from Norway’s data protection authority, Datatilyset, regarding how consent is “done,” what constitutes special category data and what “manifestly made public” means.
SECURITY & TECH
HHS: Conti ransomware encrypted 80% of Ireland's HSE IT systems
A threat brief published by the US Department of Health and Human Services (HHS) on Thursday paints a grim picture of how Ireland's health service, the HSE, was overwhelmed and had 80% of its systems encrypted during last year's Conti ransomware attack.
How the growing Russian ransomware threat is costing companies dear
With KP Snacks the latest cyber-attack victim, firms must learn to defend themselves against a mounting menace.
European oil port terminals hit by cyberattack
Major oil terminals in some of western Europe's biggest ports have fallen victim to a cyberattack.
UK NCSC: Weekly Threat Report
The NCSC's weekly threat report is drawn from recent open source reporting.
DATA BREACH
Puma hit by data breach after Kronos ransomware attack
Sportswear manufacturer Puma was hit by a data breach following the ransomware attack that hit Kronos, one of its North American workforce management service providers, in December 2021.
Fortune 500 service provider says ransomware attack led to leak of more than 500k SSNs
Morley Companies said 521,046 people were affected by a data breach that resulted from a ransomware attack.
Google says default 2FA cut account breaches in half
Google says enabling two-factor authentication by default cut those users' account breaches in half.
GUIDANCE & OPINIONS
DPC: The supervision of personal data in the courts and certain statutory bodies exercising decision making functions
Guidance concerning data protection and the courts when acting in their judicial capacity.
EDPB: Opinion 1/2022 on the draft decision of the Luxembourg Supervisory Authority regarding the GDPR – CARPA certification criteria
Opinion 1/2022 on the draft decision of the Luxembourg Supervisory Authority regarding the GDPR – CARPA certification criteria
RESOURCES
New Research Across 200 iOS Apps Hints that Surveillance Marketing is Still Going Strong
If you work in advertising or marketing, you’re probably aware of Apple’s privacy efforts over the last year. Apple now requires apps ask customers if they want to 'opt-in' to allow behavioral data tracking. If you’re an Apple customer, you may also think you have control over which apps are tracking you around the internet. Or do you?
CONTRIBUTE
Have an interesting article, book, video, podcast or other resource that you would like to share with fellow privacy practitioners? Please do drop me a note.