Privacy Transformation - Issue 146

PRIVACY

Data Protection Commission’s Meta ruling could lead to decisive victory for data privacy

Data Protection Commission’s Meta ruling could lead to decisive victory for data privacy

If ‘no transfers’ decision gets EU backing, onus will be on US to get its data act together.

The Irish Times view on the Data Protection Commission: the case for strong regulation

The Irish Times view on the Data Protection Commission: the case for strong regulation

No other agency of the State carries the kind of responsibility the Data Protection Commission has in its role overseeing EU-wide activities of tech multinationals

Facebook in 'wholesale breach of privacy rights', Lisa Smith lawyers tell court

Facebook in 'wholesale breach of privacy rights', Lisa Smith lawyers tell court

The legal team are objecting to the admissibility of messages sent using Facebook between Smith and known Islamist terrorists in Australia and Syria.

Opinion; US-EU Privacy Shield Talks Inching Closer To A Deal

Opinion; US-EU Privacy Shield Talks Inching Closer To A Deal

U.S. and European Union negotiators are close to finalizing a transatlantic data transfer mechanism, an agreement to simplify the exchange of personal data between the two regions that could be announced as early as this spring.

Killarney CCTV update “not what I wanted”

Killarney CCTV update “not what I wanted”

Fianna Fáil Cllr Niall Kelleher has said the local authority’s answer to his questions about the installation of CCTV equipment in Killarney was “not the answer I wanted”.

SECURITY & TECH

NHS Scotland Covid app rebuked for breaching data privacy laws

UK watchdog says app was not clear about how data is used and it may consider ‘further regulatory action’

UK NCSC: Weekly Threat Report

UK NCSC: Weekly Threat Report

The NCSC's weekly threat report is drawn from recent open source reporting.

DATA BREACH

Aon confirms it is investigating 'cyber incident'

Aon confirms it is investigating 'cyber incident'

Aon, the British-American provider of insurance and pension administration, has brought in external specialists to help probe a "cyber incident".

ENFORCEMENT

Polish DPA: Fine issued for employee retaining access to systems and data after employment ended

Polish DPA: Fine issued for employee retaining access to systems and data after employment ended

The controller, Santander Bank Polska S.A. notified the personal data breach to the Polish DPA when it established that a former employee of the bank, despite the termination of his/her employment contract, had unauthorised access to the controller's profile on the Electronic Services Platform of the Social Insurance Institution.

ICO reprimands Scottish Government over need to be upfront about NHS Scotland COVID Status app’s use of people’s details

ICO reprimands Scottish Government over need to be upfront about NHS Scotland COVID Status app’s use of people’s details

The Information Commissioner’s Office has issued a reprimand to the Scottish Government and NHS National Services Scotland over both organisations failure to provide people with clear information about how their personal information - including sensitive health data – is being used by the NHS Scotland COVID Status app.

More on the latest GDPR enforcement news can be found on:

enforcementtracker.com

GUIDANCE & OPINIONS

EDPB: Guidelines 04/2021 on Codes of Conduct as tools for transfers

Guidelines 04/2021 on Codes of Conduct as tools for transfers have been adopted following public consultation.

EDPS Opinion on Intelligent Transport Systems

EDPS Opinion on Intelligent Transport Systems

EDPS Opinion on the proposal for amending the Directive on the framework for the deployment of Intelligent Transport Systems in the field of road transports.

RESOURCES

EDPS survey on Covid-19 related processing activities by EU institutions, bodies, offices and agencies

EDPS survey on Covid-19 related processing activities by EU institutions, bodies, offices and agencies.

CONTRIBUTE

Have an interesting article, book, video, podcast or other resource that you would like to share with fellow privacy practitioners? Please do drop me a note.