Privacy Transformation - Issue 144

PRIVACY

Dem duo's warning of CIA 'warrantless backdoor searches' revives domestic spying debate

Dem duo's warning of CIA 'warrantless backdoor searches' revives domestic spying debate

A newly declassified letter from two Democratic senators warning that the CIA has been conducting “warrantless backdoor searches” of Americans’ data is roiling Washington’s long-running debate over balancing national security with civil liberties.

RELATED:

Lawmakers allege 'secret' CIA spying on unwitting Americans

Wyden and Heinrich: Newly Declassified Documents Reveal Previously Secret CIA Bulk Collection, Problems With CIA Handling of Americans’ Information

Call for independent review of Data Protection Commission

Call for independent review of Data Protection Commission

The Irish Council for Civil Liberties has renewed its call on the Minister for Justice to launch an independent review of the Data Protection Commission.

RELATED: Justice sought more data protection funding and staff

European data authorities launch a joint investigation on the public sector’s use of cloud

European data authorities launch a joint investigation on the public sector’s use of cloud

A joint investigation has been launched by 22 national data protection authorities on how the public sector uses cloud services.

Yahoo Japan is going dark in Europe

Yahoo Japan is going dark in Europe

Yahoo Japan has announced that most of its online services will cease to be accessible in the European Economic Area and the UK as of April 6th. The given reason is the cost of complying with European regulations.

Meta's Facebook settles for $90m case in US that it tracked logged-out users

Meta's Facebook settles for $90m case in US that it tracked logged-out users

Facebook then allegedly compiled users' browsing histories into profiles that it sold to advertisers

SECURITY & TECH

'Very high risk' over information on Tusla's internal computer systems

'Very high risk' over information on Tusla's internal computer systems

The Child and Family Agency Tusla has classified as "a very high risk" that it may fail to protect the confidentiality of information on its internal computer systems.

Google moves to make Android apps more private

Google moves to make Android apps more private

Google's plan to limit data tracking on its Chrome browser has been extended to cover apps on its Android-based smartphones. Its so-called Privacy Sandbox project aims to curb the amount of user data that advertisers can gather.

RELATED: ICO statement on the Google Privacy Sandbox

EU data watchdog calls for Pegasus spyware ban

EU data watchdog calls for Pegasus spyware ban

EDPS says NSO Group’s software is ‘incompatible with our democratic values’ and should be banned in bloc.

RELATED: EDPS Preliminary Remarks on Modern Spyware

UK NCSC: Weekly Threat Report

UK NCSC: Weekly Threat Report

The NCSC's weekly threat report is drawn from recent open source reporting.

DATA BREACH

Personal data compromised in RDS cyber attack

Personal data compromised in RDS cyber attack

Personal data belonging to staff, members and suppliers of the Royal Dublin Society was compromised during a cyber attack last week.

Red Cross: State hackers breached our network using Zoho bug

Red Cross: State hackers breached our network using Zoho bug

The International Committee of the Red Cross (ICRC) said today that the hack disclosed last month against its servers was a targeted attack likely coordinated by a state-backed hacking group.

RELATED: Cyber-attack on ICRC

ENFORCEMENT

France Rules That Using Google Analytics Violates GDPR Data Protection Law

France Rules That Using Google Analytics Violates GDPR Data Protection Law

The French data protection regulator rules that the use of Google Analytics violates the EU's General Data Protection Regulation (GDPR).

RELATED: Opinion: An uncertain future for the web in Europe

Finnish DPA: Administrative fine imposed on the Finnish Motor Insurers’ Centre

Finnish DPA: Administrative fine imposed on the Finnish Motor Insurers’ Centre

The Finnish DPA has fined the Finnish Motor Insurers’ Centre €52,000 for processing more personal data than was necessary for the purpose of processing claims.

EDPB: Launch of coordinated enforcement on use of cloud by public sector

EDPB: Launch of coordinated enforcement on use of cloud by public sector

In the coming months, 22 national supervisory authorities across the EEA (including EDPS) will launch investigations into the use of cloud-based services by the public sector.

DPC Decisions

A Consultancy Provider

Personal Injuries Assessment Board

More on the latest GDPR enforcement news can be found on:

enforcementtracker.com

CONTRIBUTE

Have an interesting article, book, video, podcast or other resource that you would like to share with fellow privacy practitioners? Please do drop me a note.