Privacy Transformation - Issue 234

Curated privacy, security & tech news, insights & resources with a focus on Irish and EU developments.

PRIVACY

Electric Ireland warns data of 8,000 customers may have been compromised

Electric Ireland said the personal and financial information of about 8,000 of its customers may have been compromised and misused by an individual for fraudulent purposes. It is liaising with An Garda Síochána and the Data Protection Commissioner regarding the compromised accounts.

EU ruling muddies waters for Irish data watchdog as Meta plots payment model

A new order from Europe’s privacy regulator is being viewed with bemusement by some as it bans the company from doing something it has already promised to move away from.

Frontex illegally processing migrants’ data, EU watchdog says

The EU border agency Frontex is processing personal data of migrants in breach of EU law and its own mandate, according to a letter by the European Data Protection Supervisor.

AI Act: MEPs mull narrow facial recognition technology uses in exchange for other bans

The European Parliament might be on the verge of agreeing to some narrow conditions for using remote biometric identification technologies in real-time as part of a package deal extending the list of prohibited practices.

EU and Japan conclude landmark deal on cross-border data flows at High-Level Economic Dialogue

The EU and Japan have concluded, on the margins of the G7 Trade Ministerial in Osaka, a landmark deal to make doing business in the online world easier, less costly and more efficient.

ICO and EDPS sign Memorandum of Understanding

The UK Information Commissioner’s Office and the European Data Protection Supervisor have signed a Memorandum of Understanding, which reinforces their common mission to uphold individuals’ data protection and privacy rights, and cooperate internationally to achieve this goal.

SECURITY & TECH

Irish cybersecurity chief warns of link between cyberattacks and disinformation campaigns

Ireland’s top cybersecurity chief has warned of a link between cyberattacks and disinformation campaigns.

Governance of foundation models in EU’s AI law starts to take shape

The Spanish presidency of the EU Council of Ministers has proposed a governance architecture for supervising the obligations on foundation models and high-impact foundation models that includes the establishment of a scientific panel.

🔗 RELATED:

• AI Act: Leading MEPs propose initial criteria for classifying foundation models as ‘high-impact’
• Spanish presidency pitches obligations for foundation models in EU’s AI law

YouTube’s Ad Blocker Detection Believed to Break EU Privacy Law

Privacy campaigner claims that YouTube’s new ad blocker detection is illegal under European law, and he's taking the fight to the European Commission.

Germany launches AI action plan to boost investments, European cooperation

Germany wants to boost the development of AI at a national and European levels, according to a new AI action plan presented by the Federal Ministry of Education and Research on 7 November, which aims to push the EU to match the already dominant US and China.

RESOURCES

📘 Report: Irish Data Protection Commission publishes findings of independent Governance review

The Data Protection Commission has today published PWC's Report following completion of their independent review of the DPC's governance structures, staffing arrangements and processes, as requested by the Minister for Justice. [Read Report]

📕 Paper: How do people feel about AI?

Artificial intelligence technologies already interact with many aspects of people’s lives. Their rapid development has resulted in increased national attention on AI and surrounding policy. In November 2022, the Ada Lovelace Institute and The Alan Turing Institute conducted a nationally representative survey of over 4,000 adults in Britain, to understand how the public currently experience AI.

📗 UK NCSC: Preparing for Quantum-Safe Cryptography

An NCSC whitepaper about mitigating the threat to cryptography from development in Quantum Computing.

🔗 RELATED: UK NCSC issues new guidance on post-quantum cryptography migration

▶ Webinar: What Should DPOs be Putting in Their 2024 Plans?

The Association of Data Protection Officers in Ireland is running a webinar focused on the topics that should be on a DPOs agenda in 2024. Topics to be discussed include:

• What topics are currently hot at the DPC and other EU Data Protection Authorities, and how might this impact your organisation?
• What topics should DPO’s always have in their annual plans?
• What are the best metrics or key performance indicators to report?
• What is the best way to report and monitor DP plans to leadership?

[Register Here]

CONTRIBUTE
Have an interesting article, book, video, podcast or other resource that you would like to share with your fellow privacy practitioners? Please do drop me a note!