Privacy Transformation - Issue 185

PRIVACY

Ireland fines Meta €265M for ‘data scraping’ leak

Ireland fines Meta €265M for ‘data scraping’ leak

The penalty is for a 2021 data breach, where more than half a million records of people’s personal information surfaced on a public forum.

RELATED: Data Protection Commission announces decision in Facebook “Data Scraping” Inquiry

First patch to the privacy laws in Australia: increased penalties for global companies

First patch to the privacy laws in Australia: increased penalties for global companies

The security of personal information belonging to Australian individuals has come under spotlight in recent months, with multiple major data breaches and privacy related contraventions triggering urgent reforms to the Privacy Act.

RELATED: Australia will now fine firms up to AU$50 million for data breaches

Twitter answering privacy concerns 'so far' - DPC

Twitter answering privacy concerns 'so far' - DPC

The lead privacy regulator for Twitter in the European Union said it was concerned about the potential impact of layoffs at the social media company on its ability to meet privacy obligations, but said it was so far getting answers to its questions.

SECURITY & TECH

UK introducing mandatory cyber incident reporting for managed service providers

UK introducing mandatory cyber incident reporting for managed service providers

The Record by Recorded Future gives exclusive, behind-the-scenes access to leaders, policymakers, researchers, and the shadows of the cyber underground.

Microsoft 365 Banned in Germany—What Should Businesses Do?

Microsoft 365 Banned in Germany—What Should Businesses Do?

The German state of Hesse has banned Microsoft 365 in its schools, citing privacy violations. Find out what led to the ban, and how businesses can stay compliant.

The biggest security risks of using fitness trackers and apps to monitor your health

Fitness trackers and apps from Google's Fitbit to Apple Watch and Strava help stay on top of health and wellness, but secure personal data before sporting them.

Pairing up Cybersecurity and Data Protection efforts: EDPS and ENISA sign Memorandum of Understanding

Pairing up Cybersecurity and Data Protection efforts: EDPS and ENISA sign Memorandum of Understanding

The European Data Protection Supervisor (EDPS) and the European Union Agency for Cybersecurity (ENISA) sign a Memorandum of Understanding which establishes a strategic cooperation framework between them.

UK NCSC: Weekly Threat Report

UK NCSC: Weekly Threat Report

The NCSC's threat report is drawn from recent open source reporting.

DATA BREACH

HSE begins notifying 113,000 people whose information was accessed during 2021 cyber-attack

HSE begins notifying 113,000 people whose information was accessed during 2021 cyber-attack

Those who had some of their personal information illegally accessed will be notified by letter over the coming months.

Millions of Twitter users have had their data leaked online

Millions of Twitter users have had their data leaked online

New sensitive Twitter data leaks online in latest online security blow.

DPC contacts Meta over suspected data breach at WhatsApp

DPC contacts Meta over suspected data breach at WhatsApp

WhatsApp parent Meta has been contacted by the Data Protection Commission (DPC) over a suspected data breach at the messaging app company.

Lastpass says hackers accessed customer data in new breach

Lastpass says hackers accessed customer data in new breach

LastPass says unknown attackers breached its cloud storage using information stolen during a previous security incident from August 2022.

ENFORCEMENT

Data watchdog to collect nearly €18m in GDPR-related fines

The country's privacy watchdog is set to collect nearly €18m in GDPR-related fines after a court approved several penalties which had gone unchallenged by the offending parties.

Data Protection Commission confirms six fines

Data Protection Commission confirms six fines

The Irish Data Protection Commission has announced decisions to impose administrative fines on six different organisations confirmed in the Dublin Circuit Court, ranging between €1,500 and €17 million.

RESOURCES

PrivacyPod: Make Risk-Based Approach Great Again with Eduardo Ustaran

PrivacyPod: Make Risk-Based Approach Great Again with Eduardo Ustaran

There's no such thing as too much talk about Schrems II, right? Tune in for our talk with the absolute expert on this topic, Eduardo Ustaran. We discuss the current state of international data transfers and when we can expect the new transfer deal to be finalized.

CONTRIBUTE

Have an interesting article, book, video, podcast or other resource that you would like to share with fellow privacy practitioners? Please do drop me a note.