Sign in Subscribe

Privacy Transformation - Issue 26

PRIVACY

DNA collection firm focus of data protection inquiry

DNA collection firm focus of data protection inquiry

A State-backed company that plans to collect the DNA of hundreds of thousands of Irish people is being probed by the Data Protection Commissioner, following complaints about the way it gathers information.

Archiving and Accountability: The 46th EDPS-DPO meeting

Archiving and Accountability: The 46th EDPS-DPO meeting

The essence of data protection is of course about protecting the rights and freedoms of individuals, but this does not mean that data protection and archiving in the public interest have to be at odds. On the contrary, archives keep public administrations, governments and society at large accountable, and efficient data protection safeguards support effective records and archives management.

European Data Protection Board Fifteenth Plenary session

European Data Protection Board Fifteenth Plenary session

Fifteenth Plenary session: Privacy Shield Review, Guidelines on Territorial Scope, Guidelines on Data Protection by Design & Default, Art. 64 Opinion on Exxon Mobil BCRs, Response letter to LIBE, Additional Protocol Budapest Convention

New ePrivacy draft released ahead of WP TELE meetings

New ePrivacy draft released ahead of WP TELE meetings

Ahead of meetings with the Working Party on Telecommunications and Information Society, the Finnish Presidency of the Council of the European Union has released a new version of the proposed ePrivacy Regulation.

Pulling mandatory PSC for passports had 'whole of government repercussions', civil servants warned

Pulling mandatory PSC for passports had 'whole of government repercussions', civil servants warned

New documents have shown how the Passport Office considered its options before pulling the PSC as a mandatory requirement.

PAC rightly refuses to swallow ‘blame it on GDPR’ excuse

PAC rightly refuses to swallow ‘blame it on GDPR’ excuse

Data Protection Commissioner Helen Dixon has provided information to this newspaper showing how her office had continued to publish or release details of payments to third parties, including barristers, even after the introduction of GDPR, in sharp contrast to the position taken by the Department of Finance

Unpacking the FTC's comments on NIST's draft Privacy Framework

Unpacking the FTC's comments on NIST's draft Privacy Framework

The U.S. Federal Trade Commission recently voted unanimously in support of the submission of staff comments on the National Institute of Standards and Technology’s preliminary draft "Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management."

SECURITY & TECH

Data Protection Commission engaging with Revolut as a "matter of urgency" over privacy changes

Data Protection Commission engaging with Revolut as a "matter of urgency" over privacy changes

The Irish Data Protection Commission (DPC) has said that it will be engaging with financial technology company Revolut as "a matter of urgency" over their new policy changes.

Move Over Chrome, Brave May Just be The Coolest Privacy Focused Browser You Need

Move Over Chrome, Brave May Just be The Coolest Privacy Focused Browser You Need

The browser has emerged out of the beta test phase, and already has 8.7 million users.

Google’s ‘Project Nightingale’ Gathers Personal Health Data on Millions of Americans

Google’s ‘Project Nightingale’ Gathers Personal Health Data on Millions of Americans

Google is teaming with one of the country’s largest health-care systems on an ambitious project named “Project Nightingale” to collect and crunch detailed health information of millions of Americans across 21 states.

One of the world’s most advanced hacking groups debuts new Titanium backdoor

One of the world’s most advanced hacking groups debuts new Titanium backdoor

Malware hides at every step by mimicking common software in long multi-stage execution.

DATA BREACH

Breach of Leading Domain Name Registrar Could Lead to an Explosion in Phishing Scams

Breach of Leading Domain Name Registrar Could Lead to an Explosion in Phishing Scams

Domain name registrar Web.com announced a data breach that could lead to an explosion of phishing scams as the exposed personal information can be connected directly to websites and their owners.

ENFORCEMENT

Spanish DPA issues 12K euro fine for GDPR violations

Spanish DPA issues 12K euro fine for GDPR violations

The Spanish data protection authority, the Agencia Española de Protección de Datos, has fined Madrileña Red de Gas 12,000 euros for alleged violations of the EU General Data Protection Regulation.

GUIDELINES

Spanish DPA releases guide on cookies

Spanish DPA releases guide on cookies

The Spanish data protection authority, the AEPD, released a new guide on the use of cookies that is inconsistent with other Data Protection Authorities. In summary, the guidance states:

  • browsing another webpage
  • scrolling a website
  • closing a cookie banner
  • clicking on content

amounts to an “affirmative action” and hence is valid consent. This is in contrast to guidance from CNIL, the ICO, the Irish Data Protection Commission and others.

CNIL Adopts List of Processing Operations not Requiring a DPIA

CNIL Adopts List of Processing Operations not Requiring a DPIA

The GDPR provides that data protection authorities can compile a list of treatments for which a data protection impact assessment is not mandatory. The CNIL adopted its final list on September 12, after submitting a draft to the European Data Protection Board.

Read next