Privacy Transformation - Issue 180

PRIVACY

Countdown to compliance as EU's Digital Services Act published

Countdown to compliance as EU's Digital Services Act published

The European Union's flagship reboot of long-standing ecommerce rules, aka the Digital Services Act (DSA), has now been published in the bloc's Official Journal.

RELATED: Digital Services Act

Court throws out data protection breach claims by members against Siptu

Court throws out data protection breach claims by members against Siptu

Judge cites rulings by data and legal authorities that proof of ‘more than minimal loss’ necessary before such cases could succeed.

Data protection concerns raised on farm prescription plans

Data protection concerns raised on farm prescription plans

Senator Tim Lombard has called for the involvement of the Data Protection Commissioner in assessing whether the sharing of farmer data will be legal.

SECURITY & TECH

Technology that lets us speak to our dead relatives has arrived. Are we ready?

Technology that lets us speak to our dead relatives has arrived. Are we ready?

Digital clones of the people we love could forever change how we grieve.

Almost half of Irish SMEs hit by multiple cyber attacks

Almost half of Irish SMEs hit by multiple cyber attacks

Almost half of Irish small and medium businesses have experienced multiple cyber attacks in the last three years, according to a new study.

ICO: ‘Immature biometric technologies could be discriminating against people’ says ICO in warning to organisations

ICO: ‘Immature biometric technologies could be discriminating against people’ says ICO in warning to organisations

The UK Information Commissioner's Office is warning organisations to assess the public risks of using emotion analysis technologies, before implementing these systems. Organisations that do not act responsibly, posing risks to vulnerable people, or fail to meet ICO expectations will be investigated.

The No-Nonsense Comprehensive Compelling Case For Why Lawyers Need To Know About AI And The Law

The No-Nonsense Comprehensive Compelling Case For Why Lawyers Need To Know About AI And The Law

This is a no-nonsense comprehensive and compelling case for why lawyers need to know about AI and the law. If you are a lawyer or know a lawyer or perhaps a law student, make sure to see what AI has to offer for those keenly interested in the law.

Twilio discloses another hack from June, blames voice phishing

Twilio discloses another hack from June, blames voice phishing

Cloud communications company Twilio disclosed a new data breach stemming from a June 2022 security incident where the same attackers behind the August hack accessed some customers' information.

TikTok Parent ByteDance Planned To Use TikTok To Monitor The Physical Location Of Specific American Citizens

TikTok Parent ByteDance Planned To Use TikTok To Monitor The Physical Location Of Specific American Citizens

The project, assigned to a Beijing-led team, would have involved accessing location data from some U.S. users’ devices without their knowledge or consent.

DATA BREACH

Australia's No. 1 health insurer says hacker stole patient details

Australia's No. 1 health insurer says hacker stole patient details

Australia's biggest health insurer said on Thursday a criminal had apparently stolen customers' medical information as part of a massive breach of data, fueling concern about a wave of high-profile cyber attacks.

ENFORCEMENT

‘Biggest cyber risk is complacency, not hackers’ - UK Information Commissioner issues warning as construction company fined £4.4 million

‘Biggest cyber risk is complacency, not hackers’ - UK Information Commissioner issues warning as construction company fined £4.4 million

The UK Information Commissioner has warned that companies are leaving themselves open to cyber attack by ignoring crucial measures like updating software and training staff. The warning comes as the Information Commissioner’s Office (ICO) issued a fine of £4,400,000 to Interserve Group Ltd, a Berkshire based construction company, for failing to keep personal information of its staff secure.

Outsourcer Interserve fined £4.4m for failing to stop cyber-attack

Outsourcer Interserve fined £4.4m for failing to stop cyber-attack

Watchdog says phishing email enabled hackers to steal personal information of 113,000 employees.

France fines Clearview AI maximum possible for GDPR breaches

France fines Clearview AI maximum possible for GDPR breaches

Clearview AI, the controversial facial recognition firm that scrapes selfies and other personal data off the Internet without consent to feed an AI-powered identity-matching service it sells to law enforcement and others, has been hit with another fine in Europe.

More on the latest GDPR enforcement news can be found on:

enforcementtracker.com

GUIDANCE & OPINIONS

EDPB: Guidelines 9/2022 on personal data breach notification under GDPR

The European Data Protection Board welcomes comments on the targeted update made Guidelines 09/2022 on personal data breach notification under GDPR.

RESOURCES

🔊 In Conversation with Helen Dixon, the Data Protection Commissioner for Ireland

🔊 In Conversation with Helen Dixon, the Data Protection Commissioner for Ireland

In our latest podcast episode, the Data Protection Commissioner for Ireland, Helen Dixon, chats with the CEO of EM Ireland, Noelle O Connell.

DPC Case Studies

DPC Case Studies

The Irish Data Protection Commission has published new case studies:

Congressional Research Service: EU-U.S. Data Privacy Framework

The EU-U.S. Data Privacy Framework: Background, Implementation, and Next Steps.

IAPP: Privacy Tech Vendor Report 2022

IAPP: Privacy Tech Vendor Report 2022

The IAPP presents its sixth annual “Privacy Tech Vendor Report.” This issue, the IAPP lists 364 privacy technology vendors.

CONTRIBUTE

Have an interesting article, book, video, podcast or other resource that you would like to share with fellow privacy practitioners? Please do drop me a note.