Privacy Transformation - Issue 186
PRIVACY
Meta faces record EU privacy fines
EU is finalizing imminent decisions on the legality of the US tech giant’s data-hungry business model.
RELATED:
Meta’s Targeted Ad Model Faces Restrictions in Europe
Dwyer's lawyers claim phone data retention is 'opportunistic form of mass surveillance'
Lawyers for Graham Dwyer, who murdered vulnerable care worker Elaine O'Hara for his sexual gratification, have argued that the retention of mobile phone data is an "opportunistic form of mass surveillance" that transforms phones into tracking devices that can reveal a detailed picture of every aspect of a person's life.
RELATED: 'Illegitimate' data law still stands as EU was not notified of new act rushed through this year
HSE brace for likely legal actions following cyber breach disclosures
Solicitor Fred Logue told The Journal that patients and staff are entitled to compensation for material and non-material losses under GDPR.
ICO on Public Sector Enforcement: Providing certainty on how we enforce the laws we regulate
John Edwards, UK Information Commissioner, recently set out our strategic approach to regulatory action where he said: “Members of the public, and those affected by a breach or infringement, are entitled to know that we have held the business or organisation to account, and that they have changed their practices as a result.”
SECURITY & TECH
Microsoft 365 faces darkening GDPR compliance clouds after German report
Legal trouble may be brewing for Microsoft in the European Union, where an assessment by a working group of German data protection regulators that's spent around two years looking into a swathe of privacy concerns attached to its cloud-based 365 productivity products.
Google must remove search data if proven inaccurate, EU court says
The EU's Court of Justice ruled that Google must remove data if a person making the request can prove the information is inaccurate.
TikTok's employees in China can now access EU users' data; Dutch experts concerned
From today, TikTok’s employees in China can access European users’ data. That violates European privacy laws, Dutch experts told NOS after looking at the social media platform’s updated privacy statement.
Apple advances user security with powerful new data protections
iMessage Contact Key Verification, Security Keys, and Advanced Data Protection for iCloud provide users important new tools to protect data.
‘NO’: Grad Students Analyze, Hack, and Remove Under-Desk Surveillance Devices Designed to Track Them
In October, the university quietly introduced heat sensors under desk without notifying students or seeking their consent. Students removed the devices, hacked them, and were able to force the university to stop its surveillance.
DATA BREACH
LastPass says it was breached — again
The password manager said a hacker used information stolen from a breach of LastPass' systems in August to break in again.
Brendan O'Connor sues Mediahuis over data breach
RTÉ broadcaster is latest to claim emails were illegally accessed by people working for INM
ENFORCEMENT
EU court rejects WhatsApp challenge against EU Data Protection Board
The Court of Justice of the European Union has dismissed as inadmissible an action brought by WhatsApp against a decision of the European Data Protection Board, it said in a statement on Wednesday.
RELATED: General Court: WhatsApp annulment action inadmissible (EDPB)
Musk's Twitter Firings Shrank Compliance Teams, Risks Investigations and Fines
The work of two key teams that Twitter Inc. relied on to comply with regulators abruptly stopped amid a rash of layoffs, resignations and firings, according to two people familiar with the matter. That puts the social media giant at risk of investigations and hefty fines, the people said.
DPC welcomes latest successful prosecution of marketing offences
The Data Protection Commission today welcomed the outcome of the prosecution proceedings that were taken by it at Naas District Court against a publishing company, Guerin Media Limited of Kill, Co. Kildare.
ICO: Five businesses fined a total of £435,000 for making nearly half a million unlawful marketing calls
The Information Commissioner’s Office (ICO) has fined five companies a total of £435,000 for making nearly half a million unlawful marketing calls to people registered with the Telephone Preference Service (TPS).
DPC: Inquiry concerning Meta Dataset
On 25 November 2022, the Data Protection Commission (‘the DPC’) adopted a decision to impose a fine of €265 million and to exercise other corrective powers on Meta Platforms Ireland Limited (formerly Facebook Ireland Limited) (‘Meta Platforms’).
RELATED: EDPB adopts Art. 65 dispute resolution binding decisions regarding Facebook, Instagram and WhatsApp
RESOURCES
ENISA: Foreign Information Manipulation Interference (FIMI) and Cybersecurity - Threat Landscape
The EU Agency for Cybersecurity (ENISA) and the European External Action Service (EEAS) have joined forces to study and analyse the threat landscape concerning Foreign Information Manipulation and Interference (FIMI) and disinformation. A dedicated analytical framework is put forward, consistent with the ENISA Threat Landscape (ETL) methodology, with the aim of analysing both FIMI and cybersecurity aspects of disinformation.
CONTRIBUTE
Have an interesting article, book, video, podcast or other resource that you would like to share with fellow privacy practitioners? Please do drop me a note.