Privacy Transformation - Issue 30

PRIVACY

Ireland National Children's Hospital Chooses Hikvision End-to-End With Facial Recognition

The world's most expensive hospital project ever has chosen Hikvision but privacy experts and an Irish politician raised serious concerns.

How do I protect my online privacy from 'surveillance capitalism'?

Chris wants to better protect his privacy. What can he easily do besides de-Googling his online life?...

Chinese residents worry about rise of facial recognition

A study by a Beijing-based body indicates many are worried about their biometric data being hacked.

Talend Report Showcases Low GDPR Compliance Rates for Data Subject Access Requests

Talend’s new survey shows that less than half of all companies and public sector organizations were able to respond to a Data Subject Access Request within the time period stipulated by GDPR.

Therrien calls for rights-based privacy laws in annual report

Privacy Commissioner of Canada Daniel Therrien believes the country is having a crisis of trust. Canadians want to safely enjoy the benefits of technology; however, privacy laws in their current iteration do not go far enough to protect citizens’ rights, according to the commissioner.

SECURITY & TECH

Human insight remains essential to beat the bias of algorithms

When it comes to bias and artificial intelligence, there is a common belief that algorithms are only as good as the numbers plugged into them. But the focus on algorithmic bias being concentrated entirely on data has meant we have ignored two aspects of this problem: the deep limitations of existing algorithms and, more importantly, the role of human problem solvers.

Google Maps reveals updates aimed at boosting data privacy

The mapping service is introducing new tools to its iOS and Android apps.

ENFORCEMENT

Data Commissioner issues enforcement notice in respect of public services card

The Data Protection Commissioner (DPC) has served the Department of Employment Affairs and Social Protection with an enforcement notice regarding the stated illegality of the public services card.

Insufficient authentication procedure - €9,550,000 Fine

The Controller is company offering telecommunication services. A caller could obtain extensive information on personal customer data from the company's customer service department simply by entering a customer's name and date of birth. [Source in German]

Lack of appointment of data protection officer - €10,000 Fine

Despite repeated requests of the BfDI the company (an internet provider) did not comply with its legal obligation under Article 37 GDPR to appoint a data protection officer. [Source in German]

GUIDANCE

Guidelines 5/2019 on the criteria of the Right to be Forgotten in the search engines cases under the GDPR

Guidelines 5/2019 on the criteria of the Right to be Forgotten in the search engines cases under the GDPR (part 1).

RESOURCES

Behind the One-Way Mirror: A Deep Dive Into the Technology of Corporate Surveillance

It's time to shed light on the technical methods and business practices behind third-party tracking. For journalists, policy makers, and concerned consumers, this paper will demystify the fundamentals of third-party tracking, explain the scope of the problem, and suggest ways for users and legislation to fight back against the status quo.

Privacy Papers 2019

A collection of the winners of the 2019 Privacy Papers for Policymakers (PPPM) awards.

On Location, Time, and Membership: Studying How Aggregate Location Data Can Harm Users’ Privacy

The increasing availability of location and mobility data enables a number of applications, e.g., enhanced navigation services and parking, context-based recommendations, or waiting time predictions at restaurants, which have great potential to improve the quality of life in modern cities. However, the large-scale collection of location data also raises privacy concerns, as mobility patterns may reveal sensitive attributes about users.