Privacy Transformation - Issue 16
PUBLIC SERVICES CARD
Data Protection Commissioner will no longer engage with Department of Social Protection regarding Public Services Card
The Department of Social Protection’s rejection of the recent highly critical findings of the Data Protection Commissioner regarding the Public Services Card has been struck a perhaps fatal blow with the news that the Commissioner will not be engaging further with them.
Data Protection Commission to seek enforcement action over government's refusal to comply with PSC findings
The Data Protection Commission has said it plans to proceed with enforcement action following the government’s refusal to comply with recommendations made in a report about the legality of the Public Services Card.
DATA BREACH NEWS
Data watchdog may prosecute Government over PSC use
The Government is facing prosecution by the State’s data watchdog over its decision to defy a report that found the retention of information gathered on 3.2 million citizens was unlawful.
Government to continue processing PSC data in defiance of Data Protection Commissioner ruling
Personal data relating to the Public Services Card will still be processed by the Government despite the Data Protection Commission finding that there is no legal basis for it to do so outside of social welfare payments.
'Inappropriate' to withdraw Public Services Card, says Govt
The Government has said it would be "inappropriate and potentially unlawful" to withdraw or modify the Public Services Card, despite recent critical findings by the Data Protection Commissioner.
OTHER PRIVACY NEWS
Google accused of secretly feeding personal data to advertisers
Google is secretly sharing users' personal data with advertisers in breach of Europe's data protection laws, a competing search engine has claimed.
Brave's statement detailing their findings is available here.
SECURITY
Facebook urged not to encrypt children's messaging accounts over NSPCC grooming fears
Facebook should not encrypt children’s messenger accounts unless it can prove the move will not put them in danger from paedophiles, the NSPCC has said.
Improving Communication and Information Sharing Across Incident Response Communities
Enisa has released a new repeart that aims to serve as a starting point for incident response communities to conduct their own evaluation and see how the various communication tools can fit their sizes and needs.
DATA BREACHES
Hundreds of Millions of Phone Numbers From Facebook Accounts Leaked Online - MacRumors
An exposed server with more than 419 million records from Facebook users has been discovered online, reports TechCrunch.
The server was not protected with a password and was accessible to anyone. It featured 133 million records from U.S.-based Facebook users, 18 million records from users in the UK, and 50 million records on users in Vietnam.
Hacked SharePoint Sites Used to Bypass Secure Email Gateways
Phishers behind a new campaign have switched to using compromised SharePoint sites and OneNote documents to redirect potential victims from the banking sector to their landing pages.
Eir faces 22 sets of legal claims on 2018 breach
Telecoms firm Eir says it faces 22 “sets” of legal actions in the circuit court and may face further claims under the General Data Protection Regulation law following two data breaches in recent times.
ENFORCEMENT
FTC touts historic YouTube settlement as 'game changer' for COPPA enforcement Related reading: FTC expected to fine Google up to $200M for alleged COPPA violations
The U.S. Federal Trade Commission is heralding its settlement with Google and its subsidiary YouTube as a historic moment and a "game changer" for enforcement under the Children's Online Privacy Protection Act.
How to interpret Sweden's first GDPR fine on facial recognition in school Related reading: Swedish DPA issues first GDPR fine
The Swedish data protection authority, Datainspektionen, initiated an audit of the public school board of Skellefteå municipality earlier this year after having received media reports that the school board, in a trial project at Anderstorps upper secondary school, had used facial-recognition technology to register student presence during a few weeks.
Infographic - Brexit: Data Protection and Transfers, if “No Deal”
With the U.K. expected to leave the EU imminently, organizations must plan now for data governance within the U.K., and for data transfers into and out of other jurisdictions. Take a look at this IAPP infographic to learn more about where to focus your efforts in the case of a “no deal” Brexit.