Privacy Transformation - Issue 236
Curated privacy, security & tech news, insights & resources with a focus on Irish and EU developments.
PRIVACY
Meta secures temporary pause to effects of DPC’s data processing ban
The Irish arm of technology giant Meta has brought a High Court challenge against a proposed immediate ban against its Facebook and Instagram platforms from processing personal data for use in behavioural advertising.
EU countries call for ‘overarching and comprehensive evaluation’ of data protection law
The EU Council of Ministers considers the data protection framework a ‘success’ and does not call for a reopening of the legislation but a comprehensive evaluation next year.
Spanish EU presidency prepares to wrap up technical work on AI law
The Spanish presidency needs to conclude the technical preparation for the EU’s AI Act this week to request a revised mandate ahead of what is meant to be the last high-level meeting to reach a political agreement on the file.
🔗 RELATED: Meta disbanded its Responsible AI team
✍🏻 Solving the children's privacy 'puzzle'
Organizations and lawmakers striving to protect the online safety of children and teens in today's advanced and vast digital environment find themselves working to solve a "puzzle" that tries to balance varying legal jurisdictions and cultural considerations.
DATA BREACH
HSE to 'robustly' defend 400 lawsuits brought about by 2021 cyberattack
The HSE has been sued more than 400 times in the fall-out from the massive cyberattack which brought its systems to a halt in 2021, but said it will defend those claims “robustly”.
Ransomware Group Files SEC Complaint Over Victim’s Failure to Disclose Data Breach
A notorious ransomware group has filed a complaint with the US Securities and Exchange Commission (SEC) over the failure of a victim to disclose an alleged data breach resulting from an attack conducted by the cybercrime gang itself.
Samsung says hackers accessed customer data during year-long breach
Samsung has admitted that hackers accessed the personal data of U.K.-based customers during a year-long breach of its systems.
ENFORCEMENT
Information Commissioner seeks permission to appeal Clearview AI ruling
The UK Information Commissioner is seeking permission to appeal the judgment of the First Tier Tribunal on Clearview AI.
noyb files complaint against EU Commission over targeted chat control ad campaign
noyb has lodged a complaint against the EU Commission with the European Data Protection Supervisor (EDPS) relating to the use of sensitive data for political micro-targeting.
RESOURCES
📗 Report: How Americans View Data Privacy
The role of technology companies, AI and regulation – plus personal experiences with data breaches, passwords, cybersecurity and privacy policies. [Read Full Report].
📰 NIST: Draft NIST IR 8496 for Data Classification
The National Cybersecurity Center of Excellence has released the initial public draft of NIST Internal Report 8496, Data Classification Concepts and Considerations for Improving Data Protection. The public comment period is open now through January 9, 2024. [Read Public Draft]
📕 ENISA: NIS Investments Report 2023
This report aims at providing policy makers with evidence to assess the effectiveness of the existing EU cybersecurity framework specifically through data on how Operators of Essential Services (OES) and Digital Service Providers (DSP) identified in the European Union’s directive on security of network and information systems (NIS Directive) invest their cybersecurity budgets and how the NIS Directive has influenced this investment.
CONTRIBUTE
Have an interesting article, book, video, podcast or other resource that you would like to share with your fellow privacy practitioners? Please do drop me a note!