Privacy Transformation - Issue 252

Curated privacy, security & tech news, insights & resources with a focus on Irish and EU developments.


PRIVACY

Europe’s landmark AI Act passes Parliament vote

European lawmakers have voted to pass a landmark regulation on artificial intelligence in Strasbourg, a file that had garnered major lobbying attention from large tech companies over the past few years.

🔗 RELATED: ✏️ Opinion: EU’s much-heralded AI Act agreed by EU Parliament – but serious human rights holes in law remain


DATA BREACH

HSE suffers IT glitch that leaves data of more than one million people vulnerable to hackers

The HSE suffered an IT glitch that weakened security around the vaccination details of more than one million people, the agency has admitted. The organisation “misconfigured” a Covid-related database in December of 2021, a spokesperson said, opening the details of more than a million people up to potential exploitation.

🔗 RELATED:

French unemployment agency data breach impacts 43 million people

France Travail, formerly known as Pôle Emploi, is warning that hackers breached its systems and may leak or exploit personal details of an estimated 43 million individuals.


ENFORCEMENT

EDPS: European Commission’s use of Microsoft 365 infringes data protection law for EU institutions and bodies

Following its investigation, the EDPS has found that the European Commission has infringed several key data protection rules when using Microsoft 365. In its decision, the EDPS imposes corrective measures on the Commission (see annex for detailed excerpt).

🔗 RELATED: EU Commission breached data protection rules using Microsoft 365, EU watchdog found

UK DPA: ICO reprimands London Mayor's Office for Policing and Crime for complaint web form error

The London Mayor’s Office has today been reprimanded by the Information Commissioner’s Office for a web glitch that potentially revealed the personal information of people who were complaining about the Metropolitan Police Service.

Italian DPA: Italy's data watchdog looks into Open AI tool that turns text into video

Italy's data protection agency said on Friday it had opened an investigation into a service developed by Microsoft-backed Open AI that can generate videos based on text prompts. The regulator, known as Garante, asked Open AI to clarify whether the way it informs users and non users about the data it employs for its product, known as Sora, is in line with European Union regulations.


RESOURCES

📕 ENISA: Remote ID Proofing - Good practices

Through this report, ENISA aims to enhance stakeholder awareness, facilitate risk analysis in evolving threat landscapes, and bolster trustworthiness in remote identity proofing methods.


CONTRIBUTE
Have an interesting article, book, video, podcast or other resource that you would like to share with your fellow privacy practitioners? Please do drop me a note!